ELSA-2017-2292

ELSA-2017-2292 - gnutls security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2017-08-07

Description


[3.3.26-9]
- Address crash in OCSP status request extension, by eliminating the
unneeded parsing (CVE-2017-7507, #1455828)

[3.3.26-7]
- Address interoperability issue with 3.5.x (#1388932)
- Reject CAs which are both trusted and blacklisted in trust module (#1375303)
- Added new functions to set issuer and subject ID in certificates (#1378373)
- Reject connections with less than 1024-bit DH parameters (#1335931)
- Fix issue that made GnuTLS parse only the first 32 extensions (#1383748)
- Mention limitations of certtool in manpage (#1375463)
- Read PKCS#8 files with HMAC-SHA256 -as generated by openssl 1.1 (#1380642)
- Do not link directly to trousers but instead use dlopen (#1379739)
- Fix incorrect OCSP validation (#1377569)
- Added support for pin-value in PKCS#11 URIs (#1379283)
- Added the --id option to p11tool (#1399232)
- Improved sanity checks in RSA key generation (#1444780)
- Addressed CVE-2017-5334, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337,
CVE-2017-7869


Related CVEs


CVE-2017-5335
CVE-2017-5337
CVE-2017-5336
CVE-2016-7444
CVE-2017-5334
CVE-2017-7507
CVE-2017-7869

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) gnutls-3.3.26-9.el7.src.rpmae50a773bbf93882b93046502fab6321ELBA-2019-0518
gnutls-3.3.26-9.el7.aarch64.rpma62f89bb34f1a6af987b04fff2962f91ELBA-2019-0518
gnutls-c++-3.3.26-9.el7.aarch64.rpm89f68a4b9736380c884a6ab6960873d7ELBA-2019-0518
gnutls-dane-3.3.26-9.el7.aarch64.rpm784422bea4167fe55f94d28ca29b42e6ELBA-2019-0518
gnutls-devel-3.3.26-9.el7.aarch64.rpma15572de4e9ffa4c855b1eb5738db283ELBA-2019-0518
gnutls-utils-3.3.26-9.el7.aarch64.rpm74d9c7ba3eb8f20043faea812e0ab779ELBA-2019-0518
Oracle Linux 7 (x86_64) gnutls-3.3.26-9.el7.src.rpmae50a773bbf93882b93046502fab6321ELBA-2019-0518
gnutls-3.3.26-9.el7.i686.rpm8e987729255933e0083055d74fcfe3b7ELBA-2019-0518
gnutls-3.3.26-9.el7.x86_64.rpm5d77f940715ed6dbc0b98ac40f3793c9ELBA-2019-0518
gnutls-c++-3.3.26-9.el7.i686.rpm05fe75d0bdd50069b24935d7ac75c5bfELBA-2019-0518
gnutls-c++-3.3.26-9.el7.x86_64.rpm3305a68315aee1798899a89f5552a133ELBA-2019-0518
gnutls-dane-3.3.26-9.el7.i686.rpm857b34a355ce5520f148171e5a178225ELBA-2019-0518
gnutls-dane-3.3.26-9.el7.x86_64.rpm262847d1184ca56f1dbe4a0f830038d3ELBA-2019-0518
gnutls-devel-3.3.26-9.el7.i686.rpmf4af1e38ffbcc9b22ab64a15795644f7ELBA-2019-0518
gnutls-devel-3.3.26-9.el7.x86_64.rpm8b30cd1549374e5da13425046d583023ELBA-2019-0518
gnutls-utils-3.3.26-9.el7.x86_64.rpm3db1678a5e87399c9ac589cd343a2114ELBA-2019-0518



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete