Log Message:
gnutls: updated to 3.8.5

Version 3.8.5 (released 2024-04-04)

** libgnutls: Due to majority of usages and implementations of
   RSA decryption with PKCS#1 v1.5 padding being incorrect,
   leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
   is being deprecated (encryption and decryption) and will be
   disabled in the future. A new option `allow-rsa-pkcs1-encrypt`
   has been added into the system-wide library configuration which
   allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
   RSAES-PKCS1-v1_5 is enabled by default.

** libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
   backward compatibility with GCR.

** libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
   v1.5 decryption error handling and deterministic ECDSA with earlier
   versions of GMP.  These were a regression introduced in the 3.8.4
   release.

** build: Fixed a bug where building gnutls statically failed due
   to a duplicate definition of nettle_rsa_compute_root_tr().

** API and ABI modifications:
GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t