Format: 1.8
Date: Tue, 15 Jul 2025 07:02:19 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: armel
Version: 3.7.9-2+deb12u5
Distribution: bookworm-security
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-02)
Changed-By: Andreas Metzler
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.7.9-2+deb12u5) bookworm-security; urgency=medium
 .
   * Cherry-pick fixes from 3.8.10 release:
     + libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK
       Reported by Stefan Bühler. [GNUTLS-SA-2025-07-07-4, CVSS: medium]
       [CVE-2025-6395]
     + libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps
       Spotted by oss-fuzz and reported by OpenAI Security Research Team,
       and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1,
       CVSS: medium] [CVE-2025-32989]
     + libgnutls: Fix double-free upon error when exporting otherName in SAN
       Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2,
       CVSS: low] [CVE-2025-32988]
     + certtool: Fix 1-byte write buffer overrun when parsing template
       Reported by David Aitel. [GNUTLS-SA-2025-07-07-3,
       CVSS: low] [CVE-2025-32990]
     + Fixes for memory leaks in lib/x509/x509_ext.c and
       lib/hello_ext.c.
     + Fix uninitialized memory read while processing the "pre_shared_key"
       extension in TLS 1.3.
     + Avoid uninitialized use of crq version.