ELA-483-1 gnutls28 security update

alternate chains verification

2021-09-17
Packagegnutls28
Version3.3.30-0+deb8u2


GnuTLS, a portable cryptography library, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let’s Encrypt certificates, starting 2021-10-01.



For Debian 8 jessie, these problems have been fixed in version 3.3.30-0+deb8u2.

We recommend that you upgrade your gnutls28 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.