Summary: | <net-libs/gnutls-3.8.2: timing sidechannel in RSA-PSK key exchange | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Fore <csfore> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A4 [stable?] | ||
Package list: | Runtime testing required: | --- |
Description
Christopher Fore
2023-11-27 15:19:24 UTC
Please only put versions in the summary (title) if they're in tree - we put the first fixed version in tree in the title. 3.8.2 is not yet in tree because of https://gitlab.com/gnutls/web-pages/-/issues/6. Please also remember to CC maintainers of the package. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=61c319b35bf216baaaff57eb1aac7bfa6fc1fe20 commit 61c319b35bf216baaaff57eb1aac7bfa6fc1fe20 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-12-02 06:14:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-12-02 07:10:15 +0000 net-libs/gnutls: add 3.8.2 Bug: https://bugs.gentoo.org/918663 Signed-off-by: Sam James <sam@gentoo.org> net-libs/gnutls/Manifest | 2 + net-libs/gnutls/gnutls-3.8.2.ebuild | 142 ++++++++++++++++++++++++++++++++++++ 2 files changed, 144 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1061fd37f9491f2601a8b5b6c92ffc3a2f42d7c9 commit 1061fd37f9491f2601a8b5b6c92ffc3a2f42d7c9 Author: Eli Schwartz <eschwartz93@gmail.com> AuthorDate: 2023-11-30 04:16:11 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-12-02 07:10:14 +0000 sec-keys/openpgp-keys-gnutls: add 20231129 Pull updates of Daiki Ueno's key from the keyservers. The copy uploaded to the website is expired, so we merge the website copy and the single updated key together. Unblocks packaging of the recent gnutls update. Bug: https://gitlab.com/gnutls/web-pages/-/issues/6 Bug: https://bugs.gentoo.org/918663 Signed-off-by: Eli Schwartz <eschwartz93@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> sec-keys/openpgp-keys-gnutls/Manifest | 2 ++ .../openpgp-keys-gnutls-20231129.ebuild | 30 ++++++++++++++++++++++ 2 files changed, 32 insertions(+) |