A gnutls28 security update has been released for Debian GNU/Linux 8 Extended LTS to address an issue where GnuTLS fails to validate alternate trust chains in some conditions.
ELA-483-1 gnutls28 security update
Package gnutls28
ELA-483-1 gnutls28 security update
Version 3.3.30-0+deb8u2
GnuTLS, a portable cryptography library, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let’s Encrypt certificates, starting 2021-10-01.
For Debian 8 jessie, these problems have been fixed in version 3.3.30-0+deb8u2.
We recommend that you upgrade your gnutls28 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
