-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 15 May 2026 13:57:52 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: i386
Version: 3.7.9-2+deb12u7
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-csail-01)
Changed-By: Andreas Metzler
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Closes: 1135319
Changes:
 gnutls28 (3.7.9-2+deb12u7) bookworm-security; urgency=high
 .
   * Cherry-pick fixes from 3.8.13 release for oldstable.
     + This includes fixes for these issues:
       CVE-2026-3833 CVE-2026-5260 CVE-2026-5419 CVE-2026-33845
       CVE-2026-33846 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011
       CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015.
     + CVE-2026-3832 only applied to release 3.8.9 and later, no patch
       needed.
     + Patchset pulled from CentOS c8s (3.6.16), split into patchlets,
       unfuzzed, adapted for 3.7 (adds
       72_0015_gnutls-3.6.16-1810-ocsp-truncated-eku.10.patch). Also added
       those patches from CentOS c9s (3.8.10) that are relevant for 3.7.9
       (but were not for 3.6.16).
Closes: #1135319 Checksums-Sha1: bd28ee0b28ebc4b16e0f8dcb768e0938b94b4258 798064 gnutls-bin-dbgsym_3.7.9-2+deb12u7_i386.deb 91c24ab84ad6d979f649535394819fb455b0a954 646388 gnutls-bin_3.7.9-2+deb12u7_i386.deb 417c2bfe053cc85fd855e2d9fd46a7aaf4a426bc 11347 gnutls28_3.7.9-2+deb12u7_i386-buildd.buildinfo ab971ca8ba7fa0a113115e517c2c1ff6cd9fd3b9 242144 guile-gnutls-dbgsym_3.7.9-2+deb12u7_i386.deb 3050bc610b8d1842430aaebb8bdd2af1864a8a1e 463996 guile-gnutls_3.7.9-2+deb12u7_i386.deb b1bf7ed308e1fcb0a52687ae75d0063be0648184 83936 libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_i386.deb 6a0c4960f6d5eb648c1a2b2f01e83d4c21057346 407500 libgnutls-dane0_3.7.9-2+deb12u7_i386.deb ae33d2cc369f00e08439c64e4069bcf66e887379 84004 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_i386.deb 89dc0c09172b01d7b95f3dd25295916567a24251 407752 libgnutls-openssl27_3.7.9-2+deb12u7_i386.deb e91633c6130021304e4c2cd2bd10712efa62213d 1423256 libgnutls28-dev_3.7.9-2+deb12u7_i386.deb 83ea63165674468a42a3159bba7a37b4be91e227 1742512 libgnutls30-dbgsym_3.7.9-2+deb12u7_i386.deb 831c248f61103d13addfb1d1e3eec1abef40c404 1409032 libgnutls30_3.7.9-2+deb12u7_i386.deb c554c548cd2b79ee6bdaa3437bdc02eab0631ac1 45472 libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_i386.deb 00a6c918cffde7ca109aa101e0093f45540640e4 15416 libgnutlsxx30_3.7.9-2+deb12u7_i386.deb Checksums-Sha256: 85bd787fbfccb9b078da83d3d08fa88fab2040294cdd937eb1b5cb03ef840027 798064 gnutls-bin-dbgsym_3.7.9-2+deb12u7_i386.deb 43730102e81dffad1d890bd03ab5fd293209357c455cbcca5e326e56ecab5a7b 646388 gnutls-bin_3.7.9-2+deb12u7_i386.deb 12ad779ea1726faa475200e9c54e231b9fecce0029106c695e2039b9edb613da 11347 gnutls28_3.7.9-2+deb12u7_i386-buildd.buildinfo 76bfdd16184e44eedaa13428daf5103af6b07e7ed3d30fef88957ce49c876276 242144 guile-gnutls-dbgsym_3.7.9-2+deb12u7_i386.deb b19c0f7b6cef48f6f15fe9f7c6fa79cac1fb4cd6b0c83a8976ab7a1a94b3ca8f 463996 guile-gnutls_3.7.9-2+deb12u7_i386.deb 4717ab1cce1e672fa0bb1697be0b0e68dc3ac3c90f99ede4b90ae7b5ef91097a 83936 
libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_i386.deb 42f11ce0400035a47f4cc04badc09e23785200eee1660eb788776428b7ffd981 407500 libgnutls-dane0_3.7.9-2+deb12u7_i386.deb f2f658b16d916bc497943d5d869c6eb89f72be1738ad6dc22a4c2ff1250ea6c2 84004 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_i386.deb 7f6c3ee3596a16b20668623b9013f213a9b096252f05dc5c7fc03eb730843b1a 407752 libgnutls-openssl27_3.7.9-2+deb12u7_i386.deb 1db8ea23686cf09fe493e1ba372534931bc0382f2996dca0109274822ab1458f 1423256 libgnutls28-dev_3.7.9-2+deb12u7_i386.deb 7cda14acf3f6ddceaaf55f2837939a85ab59a164d7076b9c8ee35623478d0445 1742512 libgnutls30-dbgsym_3.7.9-2+deb12u7_i386.deb 0018a71515bd08ecb10e88450098414a3d64f264d0986f12e952f0797f4825c2 1409032 libgnutls30_3.7.9-2+deb12u7_i386.deb ca28f358b368a9487d6525e1ef084a08f020d7a57f9146e063867aa596717570 45472 libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_i386.deb dbdff6788ae98681103f0e1347a963fb0cfcc42126b3b4a0adc816ff2f113ecf 15416 libgnutlsxx30_3.7.9-2+deb12u7_i386.deb Files: 053b072dbe9e946d09b3b00fe66410f0 798064 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u7_i386.deb d32a971bc017ba4ad3cc4c95c20d8ed1 646388 net optional gnutls-bin_3.7.9-2+deb12u7_i386.deb 88cab3cf464cedf2e048df4d203b4009 11347 libs optional gnutls28_3.7.9-2+deb12u7_i386-buildd.buildinfo ea39a54496ae41adfff4bd2f8a6f382c 242144 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u7_i386.deb 46eb05f19eda8dab8d214104288b2679 463996 lisp optional guile-gnutls_3.7.9-2+deb12u7_i386.deb 4728646a54a1ce68d1336bf52a953e88 83936 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u7_i386.deb 0cdfe2ace4348a491b88837718f0dadd 407500 libs optional libgnutls-dane0_3.7.9-2+deb12u7_i386.deb 8c1016fdb85a40792a64c0c533527e3b 84004 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u7_i386.deb 7fe340dbaf36dcc5df1d0abae4207c72 407752 libs optional libgnutls-openssl27_3.7.9-2+deb12u7_i386.deb 6051c9706e273fbc56249629586f21dc 1423256 libdevel optional libgnutls28-dev_3.7.9-2+deb12u7_i386.deb 4e050a726868c9c0c919994003af7a9f 1742512 
debug optional libgnutls30-dbgsym_3.7.9-2+deb12u7_i386.deb 67a713614c10dbe0c9fb031387a8a0ff 1409032 libs optional libgnutls30_3.7.9-2+deb12u7_i386.deb 99493dad9c02b8463e75c323ce3b1b0c 45472 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u7_i386.deb 358420bfd11f76b97531b2f8f848715b 15416 libs optional libgnutlsxx30_3.7.9-2+deb12u7_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmoJ+d8ACgkQYg9P9sm2 dfFjQQ/+P+nJ5UpFsFZq0p2/Kdh1Fvfjc6+sz7u/skaHNQbMBfeXhCe3ZYMFXdl8 zZPbebtVp8byFzDPjZOz5uzu4ZKFVolbdWezBy6JwlWPrWgD06GKpIsYHpT53wDI +AXobOenm6YmG+vx+mlb2LQ/fg4hLEUeIvDnKXSQc9gGvddEAAkX0+Wb0rpWlBsW sV7brp7Ep0vi+YWIfizHGojFOcrZ/kuAG+WVFu5asDKLzws8EojUS390ao3I4KJa CLkQuSL+VyWpYCCSRXoOCmCuX/kyirYif3OQ28Zqu0QV4nTkB+ijc9oTi0hbO/EH efmAYI+vAqTnA5Sn1YLIajhYZMG1DYGEX1tmVq2ipa+ZlFn3mtRP3BrQ16SlSqgg S8D4QlF3pfu5f8OFBcaNNH+Wg/F/NL9+RZObpQM/0YjjETFwUUw15QVxdXrt1+GK B420nUcT7rg1YBWsuTnP8cW8J+RI315I2l4DDOJRVXnzCCO0hZPnFF/aRmsMIAoN nzCE3ymFw86a3J7kQY1rrODJJtZdiIi85e2774Lq658ALlOUiJa8KjJT8ex78coC PUdGgNrnhbrvLsk5fAAjyUKt6Nww3GKUgQhFcgGh4uDhQKB00ZktPny9tYws0gfR vP8QK8AP/H5QA3kDqcMyF2ax7SYNReROiMoeV3gmqwruT9nS3Bo= =kLau -----END PGP SIGNATURE-----