Package: libgnutls30 Version: 3.7.1-5 Severity: normal Tags: patch GNUTLS in stable is susceptible to the problem that has been fixed in the main branch. Calculating several SHA-384 hashes w/o reinit can result in miscalculation of the hashes. This has been fixed upstream in [1]. Please provide a backport of this patch.
[1] https://gitlab.com/gnutls/gnutls/-/merge_requests/1466 -- With best wishes Dmitry -- System Information: Debian Release: 11.3 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.17.0-1-amd64 (SMP w/32 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/bash Init: systemd (via /run/systemd/system) Versions of packages libgnutls30 depends on: ii libc6 2.33-7 ii libgmp10 2:6.2.1+dfsg-1+deb11u1 ii libhogweed6 3.7.3-1 ii libidn2-0 2.3.0-5 ii libnettle8 3.7.3-1 ii libp11-kit0 0.23.22-1 ii libtasn1-6 4.16.0-2 ii libunistring2 0.9.10-4 libgnutls30 recommends no packages. Versions of packages libgnutls30 suggests: pn gnutls-bin <none> -- no debconf information