ELSA-2021-4451

ELSA-2021-4451 - gnutls and nettle security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2021-11-16

Description


gnutls
[3.6.16-4]
- p11tool: Document ID reuse behavior when importing certs (#1776250)

[3.6.16-3]
- Treat SHA-1 signed CA in the trusted set differently (#1965445)

[3.6.16-2]
- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)

[3.6.16-1]
- Update to upstream 3.6.16 release (#1956783)
- Fix potential use-after-free in key_share handling (#1927597)
- Fix potential use-after-free in pre_shared_key handling (#1927593)
- Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
- Fix cert expiration issue in tests (#1908110)

[3.6.14-10]
- Port fixes for potential miscalculation in ecdsa_verify (#1942931)

[3.6.14-9]
- Revert the previous change

nettle
[3.4.1-7]
- Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990)

[3.4.1-6]
- Enable CTR mode optimization when the block size is 16

[3.4.1-5]
- Backport powerpc64 optimization patches from upstream (#1855228)
Patch from Christopher M. Riedl.


Related CVEs


CVE-2021-20232
CVE-2021-3580
CVE-2021-20231

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) gnutls-3.6.16-4.el8.src.rpm1156be81bb7e4949485b714e151cdbb6-
nettle-3.4.1-7.el8.src.rpmc5ec87130d335f1c0ef0f291a8520d0a-
gnutls-3.6.16-4.el8.aarch64.rpm95b7298a123139dc0ca2d9e17830c78c-
gnutls-c++-3.6.16-4.el8.aarch64.rpm84479d78a7dd068d3ccaaa66b273dd60-
gnutls-dane-3.6.16-4.el8.aarch64.rpm91b81cd0efdb401866f2727d7bc7cb1c-
gnutls-devel-3.6.16-4.el8.aarch64.rpma3642382d5554048004ba48fb6a61950-
gnutls-utils-3.6.16-4.el8.aarch64.rpm908dc0a6213dfb59abd050a3f23eb681-
nettle-3.4.1-7.el8.aarch64.rpm97c7ffbaecb4286109c1b3ccf9e9f272-
nettle-devel-3.4.1-7.el8.aarch64.rpmb588f6d90e3305f21c790e82c569e28e-
Oracle Linux 8 (x86_64) gnutls-3.6.16-4.el8.src.rpm1156be81bb7e4949485b714e151cdbb6-
nettle-3.4.1-7.el8.src.rpmc5ec87130d335f1c0ef0f291a8520d0a-
gnutls-3.6.16-4.el8.i686.rpma9830c8903b869103adf50ed035145a0-
gnutls-3.6.16-4.el8.x86_64.rpmf319eda85fd0db69be76cd53bea60a42-
gnutls-c++-3.6.16-4.el8.i686.rpmb2e2ea03829dee73813d03fc1ebc67c4-
gnutls-c++-3.6.16-4.el8.x86_64.rpm616a01940bdf49bba43cfe4ae1c36cb2-
gnutls-dane-3.6.16-4.el8.i686.rpme260f2bed3fd317747244fa5d1c0d1bf-
gnutls-dane-3.6.16-4.el8.x86_64.rpmcdb4a66beaff66f236e2bcc1c28d2389-
gnutls-devel-3.6.16-4.el8.i686.rpm262b4fed7e51c5b4aa502633eb48b3c8-
gnutls-devel-3.6.16-4.el8.x86_64.rpm3051a481f95cbb241d927867634c12df-
gnutls-utils-3.6.16-4.el8.x86_64.rpm5f40c3d261e10a445fc50f32e720d775-
nettle-3.4.1-7.el8.i686.rpmfc599bd62d9595259cd41498d28d0645-
nettle-3.4.1-7.el8.x86_64.rpm50ac9048bbd3c3f7fdfe6fc545d77ec1-
nettle-devel-3.4.1-7.el8.i686.rpm5222396d1e8a48e2e5ed355d5bc58517-
nettle-devel-3.4.1-7.el8.x86_64.rpm24223edd30d6505cfa7cda1c215380ee-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete