-
gnutls28 (3.7.7-2ubuntu2.1) kinetic-security; urgency=medium
* SECURITY UPDATE: timing sidechannel in RSA decryption
- debian/patches/CVE-2023-0361-1.patch: side-step potential
side-channel in lib/auth/rsa.c.
- debian/patches/CVE-2023-0361-2.patch: remove dead code in
lib/auth/rsa.c.
- CVE-2023-0361
-- Marc Deslauriers <email address hidden> Tue, 14 Feb 2023 16:10:15 -0500
-
gnutls28 (3.7.7-2ubuntu2) kinetic; urgency=medium
* Fix Segmentation Fault due to misdetected Intel AVX support
(LP: #1988398)
-- Gregor Jasny <email address hidden> Thu, 01 Sep 2022 07:42:53 +0100
-
gnutls28 (3.7.7-2ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enable CET.
- Set default priority string to only allow TLS1.2, DTLS1.2, and
TLS1.3 with medium security profile (2048 RSA keys minimum, and
similar).
- Reduce parallelism in build to 2 to address FTBFS with lto
gnutls28 (3.7.7-2) unstable; urgency=medium
* 50_01-Avoid-redirection-bashism-in-testsuite.patch: Fix CI error.
gnutls28 (3.7.7-1) unstable; urgency=low
* New upstream bugfix release: Fixes double free during verification of
pkcs7 signatures. [GNUTLS-SA-2022-07-07, CVSS: medium] [CVE-2022-2509]
+ Update symbol file.
* Add lintian overrides for source-is-missing false positives.
-- Gianfranco Costamagna <email address hidden> Mon, 01 Aug 2022 09:33:38 +0200
-
gnutls28 (3.7.6-2ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enable CET.
- Set default priority string to only allow TLS1.2, DTLS1.2, and
TLS1.3 with medium security profile (2048 RSA keys minimum, and
similar).
- Reduce parallelism in build to 2 to address FTBFS with lto
gnutls28 (3.7.6-2) unstable; urgency=low
* Upload to unstable.
gnutls28 (3.7.6-1) experimental; urgency=low
* New upstream version.
gnutls28 (3.7.5-1) experimental; urgency=low
* New upstream version.
+ Update symbol file.
-- Gianfranco Costamagna <email address hidden> Sun, 19 Jun 2022 12:43:43 +0200
-
gnutls28 (3.7.4-2ubuntu1) kinetic; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enable CET.
- Set default priority string to only allow TLS1.2, DTLS1.2, and
TLS1.3 with medium security profile (2048 RSA keys minimum, and
similar).
- Reduce parallelism in build to 2 to address FTBFS with lto
gnutls28 (3.7.4-2) unstable; urgency=low
* 40_srptest_doubletimeout.diff: Increase timeout for tests/srp to fix
occasionasonal error on slow buildds (mipsel, hppa).
* Upload to unstable.
gnutls28 (3.7.4-1) experimental; urgency=low
* Drop superfluous dependency on libopts25-dev.
* New upstream version.
+ Drop superfluous patches. (40_bashism_in_test.diff
41_more_bashism_in_test.diff)
+ Update symbol file.
+ libgnutlsxx soname bumped due to ABI break in .1 (db_check_entry and
db_check_entry now have const parameters).
-- Gianfranco Costamagna <email address hidden> Fri, 29 Apr 2022 10:25:13 +0200
-
gnutls28 (3.7.4-2) unstable; urgency=low
* 40_srptest_doubletimeout.diff: Increase timeout for tests/srp to fix
occasionasonal error on slow buildds (mipsel, hppa).
* Upload to unstable.
-- Andreas Metzler <email address hidden> Thu, 14 Apr 2022 08:54:25 +0200
-
gnutls28 (3.7.3-4ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Enable CET.
- Set default priority string to only allow TLS1.2, DTLS1.2, and
TLS1.3 with medium security profile (2048 RSA keys minimum, and
similar).
- Reduce parallelism in build to 2 to address FTBFS with lto
gnutls28 (3.7.3-4) unstable; urgency=low
[ Helmut Grohne ]
* Fix FTCBFS: Annotate python3 dependency with :any. (Closes: #1004183)
[ Andreas Metzler ]
* CI: Sort test list.
* CI: Skip another test wrapping a binary test.
* CI: Fix missed &> redirection.
gnutls28 (3.7.3-3) unstable; urgency=low
* Fix CI errors:
+ Set PKCS12_ITER_COUNT=600000, avoid more tests requiring a special test
binary.
+ 40_bashism_in_test.diff: Avoid &> redirection.
gnutls28 (3.7.3-2) unstable; urgency=low
* B-d on python3 instead of python3-minimal, the json module is not part of
-minimal.
* Upload to unstable.
gnutls28 (3.7.3-1) experimental; urgency=low
* New upstream version.
+ Does not use GNU autogen anymore, update Build-Depends.
+ Drop 40_fix-gtk-mkhtml.patch.
+ Update symbol file.
-- Gianfranco Costamagna <email address hidden> Mon, 24 Jan 2022 09:23:08 +0100