ELSA-2022-9221

ULN >
Oracle Linux Errata repository >
ELSA-2022-9221

ELSA-2022-9221 - gnutls security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2022-03-17

Description

[3.6.16-4.0.1_fips]
- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length
as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling
rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10

[3.6.16-4]
- p11tool: Document ID reuse behavior when importing certs (#1776250)

[3.6.16-3]
- Treat SHA-1 signed CA in the trusted set differently (#1965445)

[3.6.16-2]
- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)

[3.6.16-1]
- Update to upstream 3.6.16 release (#1956783)
- Fix potential use-after-free in key_share handling (#1927597)
- Fix potential use-after-free in pre_shared_key handling (#1927593)
- Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
- Fix cert expiration issue in tests (#1908110)

[3.6.14-10]
- Port fixes for potential miscalculation in ecdsa_verify (#1942931)

[3.6.14-9]
- Revert the previous change

Related CVEs

CVE-2021-20232

CVE-2021-3580

CVE-2021-20231

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	gnutls-3.6.16-4.0.1.el8_fips.src.rpm	a9e523931f67c40237ba7bff8343b118	-
	gnutls-3.6.16-4.0.1.el8_fips.aarch64.rpm	e46c0ede6968c502d58892a5b0da0c50	-
	gnutls-c++-3.6.16-4.0.1.el8_fips.aarch64.rpm	b3efb6ba72258033e6b2f05cb76e49f2	-
	gnutls-dane-3.6.16-4.0.1.el8_fips.aarch64.rpm	1e92eb417183d2b94b3b98cf5be082a4	-
	gnutls-devel-3.6.16-4.0.1.el8_fips.aarch64.rpm	f963756a8c02f38d7c6618314018be66	-
	gnutls-utils-3.6.16-4.0.1.el8_fips.aarch64.rpm	34f201078ef7adced6e26ed99d3b5727	-

Oracle Linux 8 (x86_64)	gnutls-3.6.16-4.0.1.el8_fips.src.rpm	a9e523931f67c40237ba7bff8343b118	-
	gnutls-3.6.16-4.0.1.el8_fips.i686.rpm	b557fa9af2a2ee18738257a8eceff6b4	-
	gnutls-3.6.16-4.0.1.el8_fips.x86_64.rpm	0d64105fefaa5321330dd0174ac6b2c7	-
	gnutls-c++-3.6.16-4.0.1.el8_fips.i686.rpm	90aac59aa89e1a0938bfb3fb28ee647d	-
	gnutls-c++-3.6.16-4.0.1.el8_fips.x86_64.rpm	805f94578a36fcb62b0f959d4ed5d7ee	-
	gnutls-dane-3.6.16-4.0.1.el8_fips.i686.rpm	04f660f02ee5d631af734018f57206e9	-
	gnutls-dane-3.6.16-4.0.1.el8_fips.x86_64.rpm	a85969dabb1909a4236e809b82c1fd68	-
	gnutls-devel-3.6.16-4.0.1.el8_fips.i686.rpm	d6114bcd88ee444262e0c297c2677d15	-
	gnutls-devel-3.6.16-4.0.1.el8_fips.x86_64.rpm	63ed992015e5ab18b1cd285dd5eeb3e3	-
	gnutls-utils-3.6.16-4.0.1.el8_fips.x86_64.rpm	622575a46ab46269ed573339e90b7e11	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691