1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5349-1] gnutls28 security update

    From Moritz Muehlenhoff@21:1/5 to All on Tue Feb 14 20:00:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5349-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 14, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gnutls28
    CVE ID : CVE-2023-0361

    Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library.

    For the stable distribution (bullseye), this problem has been fixed in
    version 3.7.1-5+deb11u3.

    We recommend that you upgrade your gnutls28 packages.

    For the detailed security status of gnutls28 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/gnutls28

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPr180ACgkQEMKTtsN8 TjYiww/7BLMYnCqWIWB8YC+TFWAF6HEVXCFLTy/ksXO7tc/pglydOrzajIRnRb1J imOwMCcK19vJT3JLMQsbVXztpeGIYhLa8GR/c718NGmhkEV7z+NmFIS+eSi2Urt/ Yb6m9InN5RPbEbGoMVCxnFdAqHTob0rEo+pgNekUtIJ+M/qQHCTz/UijjevoETUu a+u2E7yjafT1SMPMdI+NemwZxfEpoNYafK9VBCtXVyEKWW/f149rQU7O825HTQ4o ZxRzTVWjJlXfwRj+HLmOqUQhAEEaR3tznFx8+bMDYCgyL7AaEnBJ+ygHZRwDy7ui UaVqgpIXF4jB3Kw1j5b0rQokO/wTNYioFCOmZwkSobe4ODKcTw0VVoYFj/EhbgBH q8EEVy8ZeBnon33wTTW6bXtUtqUmz0rXKyGVB6JUPiEbeGtLlScswqAKE70KG7uF 5pPKpPUu4VK9EfceqC6ld/m0tUg393QwVGoo8fK6RXauNWKAvM2I9qarLoGF9GMq FgewlSVdg2N91ChUWb6/XdQ0EYg+dB9lNmfG9wVsqa7013Lj3O32JQz8s8QJ1qtr 26MoZMDx1SB/XNwLhby8UlUiQmYFSvnS+lLx5BbBVNSORPGXWt14pa6Mzv1YK8wZ w+Z7aobGptaOwCeZ8cVAGBCYaDVnmOni+1c8MAKnYUbCrC1kx/E=
    =qFL8
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)