Univention Bugzilla – Bug 56877
gnutls28: Multiple issues (5.0)
Last modified: 2023-11-29 14:56:18 CET
New Debian gnutls28 3.6.7-4+deb10u11 fixes:
This update addresses the following issue:

3.6.7-4+deb10u11 (Wed, 22 Nov 2023 13:46:40 +0100)
  * Non-maintainer upload by the LTS team.
  * Fix CVE-2023-5981: A vulnerability was found in GnuTLS, a secure communications library, which may facilitate a timing attack to compromise a cryptographic system. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only TLS ciphertext processing is affected.
--- mirror/ftp/pool/main/g/gnutls28/gnutls28_3.6.7-4+deb10u10.dsc +++ apt/ucs_5.0-0-errata5.0-5/source/gnutls28_3.6.7-4+deb10u11.dsc @@ -1,3 +1,13 @@ +3.6.7-4+deb10u11 [Wed, 22 Nov 2023 13:46:40 +0100] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2023-5981: + A vulnerability was found in GnuTLS, a secure communications library, which + may facilitate a timing attack to compromise a cryptographic system. The + response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ + from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only + TLS ciphertext processing is affected. + 3.6.7-4+deb10u10 [Sat, 18 Feb 2023 15:25:10 +0100] Markus Koschany <apo@debian.org>: * Non-maintainer upload by the LTS team. <http://piuparts.knut.univention.de/5.0-5/#8325633345524748190>
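Review bot: the added 3.6.7-4+deb10u11 entry names CVE-2023-5981 but does not say which patch file or upstream change removes the response-time difference in RSA-PSK ClientKeyExchange processing; adding that reference to the entry would let the fix be audited. The lines shown compare only the changelog text of the deb10u10 and deb10u11 sources, so the code change itself cannot be confirmed from this diff.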
OK: bug
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-5] 32ad56a35f Bug #56877: gnutls28 3.6.7-4+deb10u11
 doc/errata/staging/gnutls28.yaml | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

[5.0-5] d3ebc7d954 Bug #56877: gnutls28 3.6.7-4+deb10u11
 doc/errata/staging/gnutls28.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x887>