-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Jul 2025 07:02:19 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: ppc64el
Version: 3.7.9-2+deb12u5
Distribution: bookworm-security
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02)
Changed-By: Andreas Metzler
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.7.9-2+deb12u5) bookworm-security; urgency=medium
 .
   * Cherry-pick fixes from 3.8.10 release:
     + libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK
       Reported by Stefan Bühler. [GNUTLS-SA-2025-07-07-4, CVSS: medium]
       [CVE-2025-6395]
     + libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps
       Spotted by oss-fuzz and reported by OpenAI Security Research Team,
       and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
       CVSS: medium] [CVE-2025-32989]
     + libgnutls: Fix double-free upon error when exporting otherName in SAN
       Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2,
       CVSS: low] [CVE-2025-32988]
     + certtool: Fix 1-byte write buffer overrun when parsing template
       Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, CVSS: low]
       [CVE-2025-32990]
     + Fixes for memory leaks in lib/x509/x509_ext.c and lib/hello_ext.c.
     + Fix uninitialized memory read while processing the "pre_shared_key"
       extension in TLS 1.3.
     + Avoid uninitialized use of crq version.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----