A set of vulnerabilities was discovered in GnuTLS which allowed attackers to do plain text recovery on TLS connections with certain cipher types. (CVE-2018-10844, CVE-2018-10845, CVE-2018-10846)
see also: https://lists.debian.org/debian-lts-announce/2018/10/msg00022.html
libgnutls was updated to the following patch versions:
- libgnutls-deb0-28/oldstable 3.3.30-0+deb8u1 amd64 [upgradable from: 3.3.8-6+deb8u7]
- libgnutls-openssl27/oldstable 3.3.30-0+deb8u1 amd64 [upgradable from: 3.3.8-6+deb8u7]
