Public bug reported: Bionic uses GNUTLS 3.5, and many programs embed its functionality (like Samba). The OpenSSL library in Bionic was backported to support TLSv1.3, but many packages using GNUTLS 3.5 are using an older branch (the stable branch of GNUTLS is now 3.6).
There are some advantages to the latest GNUTLS, such as TLSv1.3 support, optimizations and fixes, and also centralized management of cipher profile strings, which will let SYSADMINs and MSPs easily template cipher changes across the board between Bionic and Focal systems. Would it be possible to backport GNUTLS to Bionic the same way that OpenSSL was? It would be nice to have both major encryption libraries on the current branch through a release's supported life. Further reading: https://gnutls.org/news.html https://nikmav.blogspot.com/2018/05/gnutls-and-tls-13.html ** Affects: gnutls28 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1851427 Title: Consider updating GNUTLS for TLSv1.3 and unified config w/Focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1851427/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
