[gnutls-help] gnutls 3.8.3

Daiki Ueno ueno at gnu.org
Tue Jan 16 11:25:17 CET 2024


We have just released gnutls-3.8.3. This is a bug fix and security
release on the 3.8.x branch.

We would like to thank everyone who contributed in this release:
Clemens Lang, Daiki Ueno, Jakub Jelen, and Mark Harfouche

The detailed list of changes follows: 

* Version 3.8.3 (released 2024-01-16)

** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange
   [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553]

** libgnutls: Fix assertion failure when verifying a certificate chain with a
   cycle of cross signatures
   [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567]

** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token
   certtool was unable to handle Ed25519 keys generated on PKCS#11
   with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2.

** API and ABI modifications:
No changes since last version.

Getting the Software
GnuTLS may be downloaded directly from 
A list of GnuTLS mirrors can be found at

Here are the XZ compressed sources:

Here are OpenPGP detached signatures signed using key:

Note that it has been signed with my openpgp key:
pub   rsa4096 2009-07-23 [SC] [expires: 2026-06-29]
uid           [ultimate] Daiki Ueno <ueno at unixuser.org>
uid           [ultimate] Daiki Ueno <ueno at gnu.org>
sub   rsa4096 2010-02-04 [E]

Daiki Ueno
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20240116/dce8f94c/attachment-0001.sig>

More information about the Gnutls-help mailing list