Univention Bugzilla – Bug 55723
gnutls28: Multiple issues (5.0)
Last modified: 2023-02-22 13:03:42 CET
New Debian gnutls28 3.6.7-4+deb10u10 fixes: This update addresses the following issue: * timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)
--- mirror/ftp/pool/main/g/gnutls28/gnutls28_3.6.7-4+deb10u9.dsc +++ apt/ucs_5.0-0-errata5.0-3/source/gnutls28_3.6.7-4+deb10u10.dsc @@ -1,3 +1,10 @@ +3.6.7-4+deb10u10 [Sat, 18 Feb 2023 15:25:10 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2023-0361: + Hubert Kario discovered a timing side channel in the RSA decryption + implementation of the GNU TLS library. + 3.6.7-4+deb10u9 [Wed, 10 Aug 2022 14:59:38 +0200] Emilio Pozuelo Monfort <pochu@debian.org>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/5.0-3/#9144398908477264846>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-3] 1594f2bc84 Bug #55723: gnutls28 3.6.7-4+deb10u10 doc/errata/staging/gnutls28.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x579>