ELSA-2022-9221

ELSA-2022-9221 - gnutls security update

Type:SECURITY
Severity:MODERATE
Release Date:2022-03-17

Description


[3.6.16-4.0.1_fips]
- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length
as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling
rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10

[3.6.16-4]
- p11tool: Document ID reuse behavior when importing certs (#1776250)

[3.6.16-3]
- Treat SHA-1 signed CA in the trusted set differently (#1965445)

[3.6.16-2]
- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)

[3.6.16-1]
- Update to upstream 3.6.16 release (#1956783)
- Fix potential use-after-free in key_share handling (#1927597)
- Fix potential use-after-free in pre_shared_key handling (#1927593)
- Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
- Fix cert expiration issue in tests (#1908110)

[3.6.14-10]
- Port fixes for potential miscalculation in ecdsa_verify (#1942931)

[3.6.14-9]
- Revert the previous change


Related CVEs


CVE-2021-20232
CVE-2021-3580
CVE-2021-20231

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) gnutls-3.6.16-4.0.1.el8_fips.src.rpma9e523931f67c40237ba7bff8343b118-
gnutls-3.6.16-4.0.1.el8_fips.aarch64.rpme46c0ede6968c502d58892a5b0da0c50-
gnutls-c++-3.6.16-4.0.1.el8_fips.aarch64.rpmb3efb6ba72258033e6b2f05cb76e49f2-
gnutls-dane-3.6.16-4.0.1.el8_fips.aarch64.rpm1e92eb417183d2b94b3b98cf5be082a4-
gnutls-devel-3.6.16-4.0.1.el8_fips.aarch64.rpmf963756a8c02f38d7c6618314018be66-
gnutls-utils-3.6.16-4.0.1.el8_fips.aarch64.rpm34f201078ef7adced6e26ed99d3b5727-
Oracle Linux 8 (x86_64) gnutls-3.6.16-4.0.1.el8_fips.src.rpma9e523931f67c40237ba7bff8343b118-
gnutls-3.6.16-4.0.1.el8_fips.i686.rpmb557fa9af2a2ee18738257a8eceff6b4-
gnutls-3.6.16-4.0.1.el8_fips.x86_64.rpm0d64105fefaa5321330dd0174ac6b2c7-
gnutls-c++-3.6.16-4.0.1.el8_fips.i686.rpm90aac59aa89e1a0938bfb3fb28ee647d-
gnutls-c++-3.6.16-4.0.1.el8_fips.x86_64.rpm805f94578a36fcb62b0f959d4ed5d7ee-
gnutls-dane-3.6.16-4.0.1.el8_fips.i686.rpm04f660f02ee5d631af734018f57206e9-
gnutls-dane-3.6.16-4.0.1.el8_fips.x86_64.rpma85969dabb1909a4236e809b82c1fd68-
gnutls-devel-3.6.16-4.0.1.el8_fips.i686.rpmd6114bcd88ee444262e0c297c2677d15-
gnutls-devel-3.6.16-4.0.1.el8_fips.x86_64.rpm63ed992015e5ab18b1cd285dd5eeb3e3-
gnutls-utils-3.6.16-4.0.1.el8_fips.x86_64.rpm622575a46ab46269ed573339e90b7e11-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete