New Debian gnutls28 3.7.9-2+deb12u4 fixes: This update addresses the following issues: 3.7.9-2+deb12u4 (Mon, 10 Feb 2025 10:07:24 +0100) * libgnutls: Fix potential DoS in handling certificates with numerous name constraints, as a follow-up of CVE-2024-12133 in libtasn1. Patch cherry-picked from 3.8.9 release. [GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]
--- mirror/ftp/pool/main/g/gnutls28/gnutls28_3.7.9-2+deb12u3.dsc +++ apt/ucs_5.2-0-errata5.2-0/source/gnutls28_3.7.9-2+deb12u4.dsc @@ -1,3 +1,10 @@ +3.7.9-2+deb12u4 [Mon, 10 Feb 2025 10:07:24 +0100] Andreas Metzler <ametzler@debian.org>: + + * libgnutls: Fix potential DoS in handling certificates with numerous + name constraints, as a follow-up of CVE-2024-12133 in libtasn1. + Patch cherry-picked from 3.8.9 release. + [GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243] + 3.7.9-2+deb12u3 [Sat, 15 Jun 2024 13:22:35 +0200] Andreas Metzler <ametzler@debian.org>: * Update to 3.7.11: <http://piuparts.knut.univention.de/5.2-0/#5563136170843258362>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.2-0] 751b6d52b40 Bug #57969: gnutls28 3.7.9-2+deb12u4 doc/errata/staging/gnutls28.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.2x29>