I am in the process of trying to fix CVE-2017-533[4567] for jessie and have created a preliminary candidate for uploading to stable. Source (and amd64 binaries for the trusting) is available here and also on the gnutls28_jessie branch in GIT.
I would appreciate testing and feedback to gnutls28 at
packages.debian.org
. Thanks!