gnutls28 3.7.3-4ubuntu1.3 source package in Ubuntu

Changelog

gnutls28 (3.7.3-4ubuntu1.3) jammy-security; urgency=medium

  * SECURITY UPDATE: timing side-channel inside RSA-PSK key exchange
    - debian/patches/CVE-2023-5981.patch: side-step potential side-channel
      in lib/auth/rsa.c, lib/auth/rsa_psk.c, lib/gnutls_int.h,
      lib/priority.c.
    - CVE-2023-5981

 -- Marc Deslauriers <email address hidden>  Fri, 17 Nov 2023 09:19:42 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Jammy
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gnutls28_3.7.3.orig.tar.xz 5.8 MiB fc59c43bc31ab20a6977ff083029277a31935b8355ce387b634fa433f8f6c49a
gnutls28_3.7.3.orig.tar.xz.asc 833 bytes a2f95ac5d7dd951bddef01ec9930616dd1a5226173b3dc7896b3bed411c91d9a
gnutls28_3.7.3-4ubuntu1.3.debian.tar.xz 75.7 KiB 447552994f9c58628da295e9ebec6cb6291b4ea7af8ca37359d47203e7fa4515
gnutls28_3.7.3-4ubuntu1.3.dsc 3.5 KiB afe8368d1e3a3d0f799541271eb4dda3d598c3d44fe8e887acbdd2093330c2fe

View changes file

Binary packages built by this source

gnutls-bin: GNU TLS library - commandline utilities

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-bin-dbgsym: debug symbols for gnutls-bin
gnutls-doc: GNU TLS library - documentation and examples

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains all the GnuTLS documentation.

guile-gnutls: GNU TLS library - GNU Guile bindings

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the GNU Guile modules.

guile-gnutls-dbgsym: debug symbols for guile-gnutls
libgnutls-dane0: GNU TLS library - DANE security support

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the runtime library for DANE (DNS-based Authentication
 of Named Entities) support.

libgnutls-dane0-dbgsym: debug symbols for libgnutls-dane0
libgnutls-openssl27: GNU TLS library - OpenSSL wrapper

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the runtime library of the GnuTLS OpenSSL wrapper.

libgnutls-openssl27-dbgsym: debug symbols for libgnutls-openssl27
libgnutls28-dev: GNU TLS library - development files

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the GnuTLS development files.

libgnutls30: GNU TLS library - main runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the main runtime library.

libgnutls30-dbgsym: debug symbols for libgnutls30
libgnutlsxx28: GNU TLS library - C++ runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the C++ runtime libraries.

libgnutlsxx28-dbgsym: debug symbols for libgnutlsxx28