Debian has issued an advisory on February 14: https://www.debian.org/security/2023/dsa-5349 The issue is fixed upstream in 3.8.0: https://gnutls.org/security-new.html#GNUTLS-SA-2020-07-14 Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Fixed upstream in 3.8.0
This pkg has various maintainers, so assigning this update globally.
Assignee: bugsquad => pkg-bugs
Debian-LTS has issued an advisory for this on February 18: https://www.debian.org/lts/security/2023/dla-3321
Done for both mga8 and Cauldron!
CC: (none) => geiger.david68210
Cauldron updated to 3.8.0 and Mageia 8 patched. Thanks! libgnutls30-3.6.15-3.4.mga8 gnutls-3.6.15-3.4.mga8 libgnutls-devel-3.6.15-3.4.mga8 libgnutlsxx28-3.6.15-3.4.mga8 from gnutls-3.6.15-3.4.mga8.src.rpm
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8Assignee: pkg-bugs => qa-bugsStatus comment: Fixed upstream in 3.8.0 => (none)
MGA8-64 MATE on Acer Aspire 5253 No installation issues. Ref bug 29021 Comment 4 $ gnutls-cli mach1 Processed 140 CA certificate(s). Resolving 'mach1:443'... Connecting to '192.168.2.1:443'... - Certificate type: X.509 - Got a certificate list of 1 certificates. - Certificate[0] info: - subject `EMAIL=root@localhost,OU=default httpd cert for localhost,CN=localhost', issuer `EMAIL=root@localhost,OU=default httpd cert for localhost,CN=localhost', serial 0x2b26b631453768c44ab1a432961d780848570faf, RSA key 2048 bits, signed using RSA-SHA256, activated `2021-04-06 11:45:22 UTC', expires `2022-04-06 11:45:22 UTC', pin-sha256="pvMLJ62KvViacXZFR/MDuWiWbWIvZhmbUIkRWjW08nA=" Public Key ID: sha1:0a76055c20ef7bac21648d9fe12caa4928c82799 sha256:a6f30b27ad8abd589a71764547f303b968966d622f66199b5089115a35b4f270 Public Key PIN: pin-sha256:pvMLJ62KvViacXZFR/MDuWiWbWIvZhmbUIkRWjW08nA= - Status: The certificate is NOT trusted. The certificate issuer is unknown. The certificate chain uses expired certificate. The name in the certificate does not match the expected. *** PKI verification of server certificate failed... *** Fatal error: Error in the certificate. $ gnutls-serv Warning: no private key and certificate pairs were set. HTTP Server listening on IPv4 0.0.0.0 port 5556...done HTTP Server listening on IPv6 :: port 5556...done pointing the browser to http://localhost:5556/ and got some binary data as an answer. at the CLI got this feedback: * Accepted connection from IPv4 127.0.0.1 port 48666 on Tue Feb 21 10:40:56 202 |<0x1839b00>| Received record packet of unknown type 71 Error in handshake: An unexpected TLS packet was received. * Accepted connection from IPv4 127.0.0.1 port 48674 on Tue Feb 21 10:40:56 202 |<0x1839b00>| Received record packet of unknown type 71 Error in handshake: An unexpected TLS packet was received. All inline with refered previous bug, so OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0067.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
This update never actually got pushed.
Status: RESOLVED => REOPENEDResolution: FIXED => (none)
Fixed.
Resolution: (none) => FIXEDStatus: REOPENED => RESOLVED
Some video games can be educational. They can teach players about history, science, and other subjects. https://geometrydashfree.io
CC: (none) => zetisonapi
Not just competition on the field, https://basketball-stars.live also brings players to diverse arenas. From international tournaments to unique duels, the game explores and challenges the limits of basketball skill and strategy.
CC: (none) => tomhiddleston23c