Debian 10261 Published by

A gnutls28 security update has been released for Debian GNU/Linux 8 Extended LTS to address an issue where GnuTLS fails to validate alternate trust chains in some conditions.



ELA-483-1 gnutls28 security update

Package gnutls28
Version 3.3.30-0+deb8u2

GnuTLS, a portable cryptography library, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let’s Encrypt certificates, starting 2021-10-01.

For Debian 8 jessie, these problems have been fixed in version 3.3.30-0+deb8u2.

We recommend that you upgrade your gnutls28 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-483-1 gnutls28 security update