[Bug 1851427] Re: Consider updating GNUTLS for TLSv1.3 and unified config w/Focal

Adrien Nader 1851427 at bugs.launchpad.net
Wed Mar 19 14:13:22 UTC 2025


Unfortunately, TLS libraries are large beasts and even patch updates
often introduce small behaviour changes, which rules them out for
backports. Major releases are basically guaranteed to contain such
behaviour changes and are therefore impossible to backport, sadly.

** Changed in: gnutls28 (Ubuntu)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1851427

Title:
  Consider updating GNUTLS for TLSv1.3 and unified config w/Focal

Status in gnutls28 package in Ubuntu:
  Won't Fix

Bug description:
  Bionic uses GNUTLS 3.5, and many programs embed its functionality
  (like Samba). The OpenSSL library in Bionic was backported to support
  TLSv1.3, but many packages using GNUTLS 3.5 are using an older branch
  (the stable branch of GNUTLS is now 3.6).

  There are some advantages to the latest GNUTLS, such as TLSv1.3
  support, optimizations and fixes, and also centralized management of
  cipher profile strings, which will let SYSADMINs and MSPs easily
  template cipher changes across the board between Bionic and Focal
  systems.

  Would it be possible to backport GNUTLS to Bionic the same way that
  OpenSSL was? It would be nice to have both major encryption libraries
  on the current branch through a release's supported life.

  Further reading:
  https://gnutls.org/news.html
  https://nikmav.blogspot.com/2018/05/gnutls-and-tls-13.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1851427/+subscriptions



