------------------------------------------------------------------------- Debian LTS Advisory DLA-4063-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 21, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : gnutls28 Version : 3.7.1-5+deb11u7 CVE ID : CVE-2024-12243 Bing Shi discovered that GnuTLS, a portable library which implements the Transport Layer Security and Datagram Transport Layer Security protocols, had inefficient handling of certificate data with a large number of names or name constraints, potentially leading to Denial of Service upon specially crafted certificates. For Debian 11 bullseye, this problem has been fixed in version 3.7.1-5+deb11u7. We recommend that you upgrade your gnutls28 packages. For the detailed security status of gnutls28 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gnutls28 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature