[gnutls-help] gnutls 3.7.11
Zoltan Fridrich
zfridric at redhat.com
Mon May 27 10:13:26 CEST 2024
Hello,
We have just released gnutls-3.7.11. This is a bug fix release on the
3.7.x branch.
We would like to thank everyone who contributed in this release:
Xin Long, Daiki Ueno and Zoltan Fridrich
The detailed list of changes follows:
* Version 3.7.11 (released 2024-04-13)
** libgnutls: Fix side-channel in the deterministic ECDSA.
Reported by George Pantelakis (#1516).
[GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]
** libgnutls: Fixed a bug where certtool crashed when verifying a
certificate
chain with more than 16 certificates. Reported by William Woodruff (#1525)
and yixiangzhike (#1527).
[GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835]
** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange
[GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553]
** libgnutls: Fix assertion failure when verifying a certificate chain
with a
cycle of cross signatures
[GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567]
** libgnutls: Fix timing side-channel inside RSA-PSK key exchange.
[GNUTLS-SA-2023-10-23, CVSS: medium] [CVE-2023-5981]
** API and ABI modifications:
No changes since last version.
Getting the Software ================
GnuTLS may be downloaded directly from
https://www.gnupg.org/ftp/gcrypt/ <https://www.gnupg.org/ftp/gcrypt/>
A list of GnuTLS mirrors can be found at
http://www.gnutls.org/download.html <http://www.gnutls.org/download.html>
Here are the XZ compressed sources:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.11.tar.xz
<https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.11.tar.xz>
Here are OpenPGP detached signatures signed using key:
5D46CB0F763405A7053556F47A75A648B3F9220C
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.11.tar.xz.sig
<https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.11.tar.xz.sig>
Note that it has been signed with my openpgp key:
pub ed25519 2021-12-23 [SC] [expires: 2027-01-01]
5D46CB0F763405A7053556F47A75A648B3F9220C
uid [ultimate] Zoltan Fridrich <zfridric at redhat.com>
sub cv25519 2021-12-23 [E] [expires: 2027-01-01]
Regards,
Zoltan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20240527/82aa23d3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x7A75A648B3F9220C.asc
Type: application/pgp-keys
Size: 1054 bytes
Desc: OpenPGP public key
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20240527/82aa23d3/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20240527/82aa23d3/attachment-0001.sig>
More information about the Gnutls-help
mailing list