-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 15 Jul 2025 07:02:19 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: mipsel
Version: 3.7.9-2+deb12u5
Distribution: bookworm-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-04) <buildd_mips64el-mipsel-osuosl-04@buildd.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Changes:
 gnutls28 (3.7.9-2+deb12u5) bookworm-security; urgency=medium
 .
   * Cherry-pick fixes from 3.8.10 release:
      + libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits
        PSK Reported by Stefan Bühler.
        [GNUTLS-SA-2025-07-07-4, CVSS: medium] [CVE-2025-6395]
      + libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS
        timestamps Spotted by oss-fuzz and reported by OpenAI Security
        Research Team, and fix developed by Andrew Hamilton.
        [GNUTLS-SA-2025-07-07-1, CVSS: medium] [CVE-2025-32989]
      + libgnutls: Fix double-free upon error when exporting otherName in
        SAN Reported by OpenAI Security Research Team.
        [GNUTLS-SA-2025-07-07-2, CVSS: low] [CVE-2025-32988]
      + certtool: Fix 1-byte write buffer overrun when parsing template
        Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, CVSS: low]
        [CVE-2025-32990]
      + Fixes for memory leaks in lib/x509/x509_ext.c andlib/hello_ext.c.
      + Fix uninitialized memory read while processing the "pre_shared_key"
        extension in TLS 1.3.
      + Avoid uninitialized use of crq version.
Checksums-Sha1:
 8c5b05d3773955dfcc1800f56bda1e5cd2e3cc92 856540 gnutls-bin-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 2616cdb57edd4db9a1b1c5804869af9867d6586b 623708 gnutls-bin_3.7.9-2+deb12u5_mipsel.deb
 b5197640d4beba94ad5a9dc077ef0ac9dc53b135 11247 gnutls28_3.7.9-2+deb12u5_mipsel-buildd.buildinfo
 1dfb4820cb89375ef04106ef4b58d61b81d2d8a3 267596 guile-gnutls-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 25f018c54fba529bed628fc875ade6d842c9fc0d 448692 guile-gnutls_3.7.9-2+deb12u5_mipsel.deb
 a69e385081135b547a498631fa5733daae9e836d 93004 libgnutls-dane0-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 049f8a6c67271634def109a17dc9999793f7fdae 402988 libgnutls-dane0_3.7.9-2+deb12u5_mipsel.deb
 0782fae8cd0fcd65177d4b2e6b8365bc4ca86085 94080 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 c77b24bcb8a46a0cb847ba3a8e367f0fd85ebc07 402704 libgnutls-openssl27_3.7.9-2+deb12u5_mipsel.deb
 122fb98e9c295d0cb21ed367e6426a4d95848b37 1356272 libgnutls28-dev_3.7.9-2+deb12u5_mipsel.deb
 bf1fdca09ab8dbe8bfe67f0ba3c5573b120ae271 2009892 libgnutls30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 60f94d4cfe91fd105d3a58585407a3c282a0811d 1233464 libgnutls30_3.7.9-2+deb12u5_mipsel.deb
 785c08a89cac386da9142b7889dea05fd8df8b99 48072 libgnutlsxx30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 ea6eaedc9857d8be9c08664f3f9c160d6cd6967f 13004 libgnutlsxx30_3.7.9-2+deb12u5_mipsel.deb
Checksums-Sha256:
 ae4dc1f53c8e31f53f496581397a3af6ad39b07f6786923284c2bbccebc886e4 856540 gnutls-bin-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 d3658d4bd4278928b25d89c5a7b5689dd8422ccb472ac811ad0746d5df607035 623708 gnutls-bin_3.7.9-2+deb12u5_mipsel.deb
 43acce76a5873dea0d9ea2970bb34f5092695ffeaa250379fbe6728beb4ce737 11247 gnutls28_3.7.9-2+deb12u5_mipsel-buildd.buildinfo
 56f954d0721ac1da7d4a736a3db90abf748ff8e5d1cd2986d75f27d21e1117ee 267596 guile-gnutls-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 4d5c3bee867f29cbcb0422df60325aaa743edb9ff4efd98295846b2f69f34fcb 448692 guile-gnutls_3.7.9-2+deb12u5_mipsel.deb
 02ba9c8c816b775e55deb19aaed87cc22ed5f0336af2b40b655ed3811aa9b654 93004 libgnutls-dane0-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 1d5bac7f5d8e397a560afeeea1bfc6ccc7ef1ef6f67d0314757a05b08a6f375c 402988 libgnutls-dane0_3.7.9-2+deb12u5_mipsel.deb
 3fbe1944da5f8a676b02ef78f3164b70447842e3ffc1520d2ec0b6c14b646640 94080 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 e3fff8d2f4042c8ad58365af9bc520523aaf969b02389b82df254cfa22657df3 402704 libgnutls-openssl27_3.7.9-2+deb12u5_mipsel.deb
 c4bc73bf9f1aa9826d84f41fd274d2988e66ae0fdf267baf261815cdd8040d6c 1356272 libgnutls28-dev_3.7.9-2+deb12u5_mipsel.deb
 f9740815b5ed2c30036a01fce706eb595c6c94e5d16df3e5ca45fde705bfbbe0 2009892 libgnutls30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 745ebe99164780060878200136427be1afa1dfba1009c75845d03a8de37b2a55 1233464 libgnutls30_3.7.9-2+deb12u5_mipsel.deb
 6f9f2a9259b568506d60436d30775c604795cdb0a91a00c37bfbe4934bc6dbc6 48072 libgnutlsxx30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 2120a754844bec71aa8cd35eef791b7393627f7ab5bd691d5a9064a3f29c4c59 13004 libgnutlsxx30_3.7.9-2+deb12u5_mipsel.deb
Files:
 a0eb19c9f2988fac8bb4398205c57cd4 856540 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 797aaee59d7dddb42c4ae9e5c6a97295 623708 net optional gnutls-bin_3.7.9-2+deb12u5_mipsel.deb
 c210ff350d7c294b0eac1f44e3ff69da 11247 libs optional gnutls28_3.7.9-2+deb12u5_mipsel-buildd.buildinfo
 378d5f9c1c2f684f83377ddfc4360cdd 267596 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 5a0926982dc64d30866a2687e0999006 448692 lisp optional guile-gnutls_3.7.9-2+deb12u5_mipsel.deb
 29b58799f69c89fbdaabae9690cc2e84 93004 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 6d3c1f1e7260e6a231b2fa5c516793f9 402988 libs optional libgnutls-dane0_3.7.9-2+deb12u5_mipsel.deb
 74074cf95d8b6f2bbe63b8be07bb2568 94080 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 eb5e8805425d721ae4a48ba306a0a055 402704 libs optional libgnutls-openssl27_3.7.9-2+deb12u5_mipsel.deb
 5fc40848fdd4b9581167736915fcff70 1356272 libdevel optional libgnutls28-dev_3.7.9-2+deb12u5_mipsel.deb
 fba9e5eddc0efb1eeeb11622cbdf73fd 2009892 debug optional libgnutls30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 bc7b374e8f070710cfc709af93965e60 1233464 libs optional libgnutls30_3.7.9-2+deb12u5_mipsel.deb
 2c5d8ccffb08f3d3154b5f65f52989ce 48072 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u5_mipsel.deb
 8f7e2843e2975b3142c7a1e8e99d670a 13004 libs optional libgnutlsxx30_3.7.9-2+deb12u5_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERbXMbY9VMQqnSaVEV4aVsMglzVcFAmh3/u8ACgkQV4aVsMgl
zVeI5g/+NU8tulPnEqYTzf507hljamcF1Za/TUW4sjNpwWTACKTPCa6OaUr7tdHq
JzQ3/SrHFKc577ohN7AHw95un28B5Wl7cqgU1Oej0uI1i0zWQV0ng1Ngp/aiPl3D
9+vTx8E8+h0VrpCplcamda7RdOziUYhj6A9bZyIyLR9aO1BOQfNMZKlRvdqO3vrJ
1ZYxUokZjy+TuvhEPVk8PlN4AdgFbXwPZUFp7dnogMcKhN25VK7tvrqqn8yBSIpm
4mcUF1j0FQTD4zF7zjL/f2V5ugXXjwNEOm7C+zzyxpa5FU3lFQnwD8i+iv7XjrdZ
NOTEKOIZ7CZeOyBy53Q2i0qGEDFOXXMbPae7NgmHw4qkrBOTjflcQx9Va9KYC4Wn
sQCbCW09ebSu0amKT8qeYrZxEg4T86kBwyDmQIbJR0Zp0fcg53ImlhpVU56dCiML
R3ryx05yV1ZcqZFi8E4jy48JWrA0yjIxrQhq1YDZ0edLnfcJBizVqUsU9mGJNX0B
0oShL6SiiQAUFnXy0AG+CP9RB2bY10lpHVlVceUOKnF+zVSmg16woVUPijbZUVBQ
AI+k0nGY+6v0OmTc0XQkft8sKbdJ+j48DxBdeRZGvMhSnMOl+xwYB4ahJY8PSnte
VYvjes2ybGsRmcwekHo6S0iiWWmK9gd5p4Zp3nJfBTp5qGQcS0g=
=x6tm
-----END PGP SIGNATURE-----