[Bug 1851427] [NEW] Consider updating GNUTLS for TLSv1.3 and unified config w/Focal

Marc Doughty marc at doughtyhouse.com
Tue Nov 5 20:08:21 UTC 2019 

Public bug reported:

Bionic uses GNUTLS 3.5, and many programs embed its functionality (like
Samba). The OpenSSL library in Bionic was backported to support TLSv1.3,
but many packages using GNUTLS 3.5 are using an older branch (the stable
branch of GNUTLS is now 3.6).

There are some advantages to the latest GNUTLS, such as TLSv1.3 support,
optimizations and fixes, and also centralized management of cipher
profile strings, which will let SYSADMINs and MSPs easily template
cipher changes across the board between Bionic and Focal systems.

Would it be possible to backport GNUTLS to Bionic the same way that
OpenSSL was? It would be nice to have both major encryption libraries on
the current branch through a release's supported life.

Further reading:
https://gnutls.org/news.html
https://nikmav.blogspot.com/2018/05/gnutls-and-tls-13.html

** Affects: gnutls28 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1851427

Title:
  Consider updating GNUTLS for TLSv1.3 and unified config w/Focal

Status in gnutls28 package in Ubuntu:
  New

Bug description:
  Bionic uses GNUTLS 3.5, and many programs embed its functionality
  (like Samba). The OpenSSL library in Bionic was backported to support
  TLSv1.3, but many packages using GNUTLS 3.5 are using an older branch
  (the stable branch of GNUTLS is now 3.6).

  There are some advantages to the latest GNUTLS, such as TLSv1.3
  support, optimizations and fixes, and also centralized management of
  cipher profile strings, which will let SYSADMINs and MSPs easily
  template cipher changes across the board between Bionic and Focal
  systems.

  Would it be possible to backport GNUTLS to Bionic the same way that
  OpenSSL was? It would be nice to have both major encryption libraries
  on the current branch through a release's supported life.

  Further reading:
  https://gnutls.org/news.html
  https://nikmav.blogspot.com/2018/05/gnutls-and-tls-13.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1851427/+subscriptions

More information about the foundations-bugs mailing list