-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 15 May 2026 13:57:52 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: amd64
Version: 3.7.9-2+deb12u7
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Closes: 1135319
Changes:
 gnutls28 (3.7.9-2+deb12u7) bookworm-security; urgency=high
 .
   * Cherry-pick fixes from 3.8.13 release for oldstable.
     + This includes fixes for these issues: CVE-2026-3833 CVE-2026-5260
       CVE-2026-5419 CVE-2026-33845 CVE-2026-33846 CVE-2026-42009
       CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013
       CVE-2026-42014 CVE-2026-42015.
     + CVE-2026-3832 only applied to release 3.8.9 and later, no patch needed.
     + Patchset pulled from CentOS c8s (3.6.16), split into patchlets, unfuzzed,
       adapted for 3.7 (adds
       72_0015_gnutls-3.6.16-1810-ocsp-truncated-eku.10.patch). Also added
       those patches from CentOS c9s (3.8.10) that are relevant for 3.7.9 (but
       where not for 3.6.16).
     Closes: #1135319
Checksums-Sha1:
 8776940abe29f5c682606215da435c8bddbb273c 894504 gnutls-bin-dbgsym_3.7.9-2+deb12u7_amd64.deb
 2cd81d3711a8b6fc9d774bf530ab5df8c8502ddc 641236 gnutls-bin_3.7.9-2+deb12u7_amd64.deb
 810c5140e15dcc8c171125b26d7fe32706f05c14 11456 gnutls28_3.7.9-2+deb12u7_amd64-buildd.buildinfo
 817f5b3332c73e56d72a2883f6934d009610c09f 258432 guile-gnutls-dbgsym_3.7.9-2+deb12u7_amd64.deb
 643957f08eea09838aba3135302b4eb485d2f827 463504 guile-gnutls_3.7.9-2+deb12u7_amd64.deb
 58eacdba0937b36c5f0fb1f849d744a906e0a945 91944 libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_amd64.deb
 436cadd31e9e80e5735f7f6099d972f0d2ab68b9 407460 libgnutls-dane0_3.7.9-2+deb12u7_amd64.deb
 8019c19d199311cb9a6cbf5cfc71dc5d5f5a8d28 92312 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_amd64.deb
 ec52114c71558ad799d5e990651301d7b22b3524 407432 libgnutls-openssl27_3.7.9-2+deb12u7_amd64.deb
 aac1236b1e5f0b501c66e96d932d2915819fc1cc 1357004 libgnutls28-dev_3.7.9-2+deb12u7_amd64.deb
 34a08515f7ec1b7841b8d4ed92e316de9d705f84 2123416 libgnutls30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 0ea1e5567b4b100f4155cffae24e6ff41021ea2c 1409084 libgnutls30_3.7.9-2+deb12u7_amd64.deb
 dfe0fa68e9b52666ef5b800fec8fbba096280a26 49784 libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 dd22d4b40b3254a3a9d4c63401146a617b071ba7 14420 libgnutlsxx30_3.7.9-2+deb12u7_amd64.deb
Checksums-Sha256:
 2f996109382b5fa7c8c2bdd90d3a43594f09bc23eb0e43c8d7bb9d2a100b670e 894504 gnutls-bin-dbgsym_3.7.9-2+deb12u7_amd64.deb
 97f419d3bdf595c58eb384523bc0962c466335a5f2a95ca640d5b9a4f9085231 641236 gnutls-bin_3.7.9-2+deb12u7_amd64.deb
 09679dd0b35a3d90bbcc51a0867e25c9b5dae61667a080e73f3d0a034bfd1841 11456 gnutls28_3.7.9-2+deb12u7_amd64-buildd.buildinfo
 0d76b3b4c9fd6de545ddb3b39cbbd9e424c011fcb412580f14e8ae8631f16f9f 258432 guile-gnutls-dbgsym_3.7.9-2+deb12u7_amd64.deb
 3da9abbbe7a7d072bfb01e042a9a6e846f437f1ba59efce000256a6178496bb2 463504 guile-gnutls_3.7.9-2+deb12u7_amd64.deb
 43a900a767880d3547ef2c0e2149b9a55c265f407d8b639ffb77c0699cc29aa1 91944 libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_amd64.deb
 7191f983ebb9ff847a599e76a2edc0bd2bd404e5a086d04d1c09b271a422c08b 407460 libgnutls-dane0_3.7.9-2+deb12u7_amd64.deb
 66637390c1d381b9b2f4dfefbdd794d74ceacbe3ee790b43d414baeaeceabe7b 92312 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_amd64.deb
 4413bb0cbddbd747767d2ef183c1ce3f6ffbe27354b554f6ca94a9a27817e4fe 407432 libgnutls-openssl27_3.7.9-2+deb12u7_amd64.deb
 9937ecc1f5ac034afae7fce867957626c5af05f7e0dac765c2d156244516787b 1357004 libgnutls28-dev_3.7.9-2+deb12u7_amd64.deb
 dffb2188dbdc9857ee61c10c2a64d80fada663ed66c2d7d640c313ea1ec54fde 2123416 libgnutls30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 30abec8c824feb1d2d7e9000a34083cccd19d139625e1b21547e3ac53b922f8e 1409084 libgnutls30_3.7.9-2+deb12u7_amd64.deb
 843e009bb90eeeec27f2f2e033b15a8fa623672e9371b698a5a080afebae8ae6 49784 libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 068f46e76269e2f52edc0504870af4712cf968de577b7fe1e74ff924951bc44f 14420 libgnutlsxx30_3.7.9-2+deb12u7_amd64.deb
Files:
 caeabd8b9ae5a5bb093157b560975283 894504 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u7_amd64.deb
 8277fa3b47601e7d6524d2ce3e8616a6 641236 net optional gnutls-bin_3.7.9-2+deb12u7_amd64.deb
 2100a6334c76f46a710eab33252e7145 11456 libs optional gnutls28_3.7.9-2+deb12u7_amd64-buildd.buildinfo
 171320ee7c69c7d4d7e916dd0208d80d 258432 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u7_amd64.deb
 4376e9844831c71f7fa5b625de4c66d9 463504 lisp optional guile-gnutls_3.7.9-2+deb12u7_amd64.deb
 ac9ed251170ed86e83a57cc7e45bb0d8 91944 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_amd64.deb
 31d2f7bbea4b68f45897d1b3bb3971ee 407460 libs optional libgnutls-dane0_3.7.9-2+deb12u7_amd64.deb
 85a94e36c3239b21f8a2ec3dc44a6770 92312 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_amd64.deb
 68d66423c737960cfded3f4a9fea5500 407432 libs optional libgnutls-openssl27_3.7.9-2+deb12u7_amd64.deb
 94f024d7b69bbd61ed33b8f528ffc766 1357004 libdevel optional libgnutls28-dev_3.7.9-2+deb12u7_amd64.deb
 480c29b47f40fe455a7557ea121964fc 2123416 debug optional libgnutls30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 0aaa06c4e876965846e16993f9796d9b 1409084 libs optional libgnutls30_3.7.9-2+deb12u7_amd64.deb
 4893942794cdd2f9826921a34a36d5e0 49784 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_amd64.deb
 179778b350eee15f3a90bd15ad1d9e01 14420 libs optional libgnutlsxx30_3.7.9-2+deb12u7_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmoJ9vAACgkQYg9P9sm2
dfGPmRAAzsP70XVi8VzKmBqjHsGzc932eD33XV6zWaEYwblvJlePkDjraJyaKb3l
PvEQQpXsMn9JzR52Jz+k5MoyqR3a/wp721wIUx6EuaOHBDDaKC98rhwYdAEqn49P
tIZUorBnuX1X88/1Hvpxof29QD3XBglXap1YD/sGT2iCNS/TqSMTXsWPJ/ShOscu
nSr+xH24AwtA60AQX1oOPC1Xyyg6L1IavmBcXAEzRGaJPDO9Zmt44OkMeFdMr6tH
aSH+zA1xhAojCXLeJ2xLntS/5JQnJSPPi9XxraGhPjjYLRVe7NmGOqg5yLS5dmSn
Z4NH9GPbJLF4zR5mMUd5HyB0S0zKW0gim4Dy8J1jxDPsphNgjVtfV1y1IRRwfkNb
qLS014zOjEyIpp+yx/73TamWDiy2LBQy7lrl4Sm0FGee5wXpq4K+hJqYi0e+eM+c
Dwq5DJVYW/LgK40XBSpPDyJlub/RchyOO7y1qeSLY0BSc6SBY0MtFebflifP7qCg
jrpIICd3Tocl3fbaWOhbdox0ilZLAzqSrFozdTBAfthjEtU2uK8gNqPDJr4Ho8Wh
34O5pSTlmEqjNJyyoVoZub6g8L01PsUNMgbEV8MybqzZXSt3MLbAxoVm+P0js0V6
Kn3mDCCF64gpnv3/UqeW3rHCBT3gXXba+sCkFYvWnx1DjvXZlvc=
=yS/e
-----END PGP SIGNATURE-----