ELSA-2023-1141

ELSA-2023-1141 - gnutls security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2023-03-08

Description


[3.7.6-18]
- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168610)

[3.7.6-17]
- Fix timing side-channel in TLS RSA key exchange (#2162600)

[3.7.6-16]
- fips: extend PCT to DH key generation (#2168610)

[3.7.6-14]
- fips: remove library path checking from FIPS integrity check (#2149638)
- fips: rename hmac file to its previous name (#2149640)

[3.7.6-13]
- cipher: add restriction on CCM tag length under FIPS mode (#2144535)
- nettle: mark non-compliant RSA-PSS salt length to be not-approved (#2144537)


Related CVEs


CVE-2023-0361

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_aarch64_appstream
gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_aarch64_baseos_latest
gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_aarch64_u1_baseos_patch
gnutls-3.7.6-18.el9_1.aarch64.rpm9757a46c432af1f0512af29ad5a6024fe194d1f77c3ca0f338fd13aeb2bb99d8-ol9_aarch64_baseos_latest
gnutls-3.7.6-18.el9_1.aarch64.rpm9757a46c432af1f0512af29ad5a6024fe194d1f77c3ca0f338fd13aeb2bb99d8-ol9_aarch64_u1_baseos_patch
gnutls-c++-3.7.6-18.el9_1.aarch64.rpm33801ce370ff980744df5661aeec5c541108d70cc96c3f60249ea0550c7b6a82-ol9_aarch64_appstream
gnutls-dane-3.7.6-18.el9_1.aarch64.rpm89f4a60d2ac79d1b971e2462aa8d4624ad0a2a7814d61b7f055e14b75ec33663-ol9_aarch64_appstream
gnutls-devel-3.7.6-18.el9_1.aarch64.rpm635516a7384d5273feec2051f6bed18e970beb9bb3aee637beb83080b6a06350-ol9_aarch64_appstream
gnutls-utils-3.7.6-18.el9_1.aarch64.rpm77979fd4a9b1baffe418ca0ccee81fdc94d43ad8218c948e3fd43e59b16bbca1-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_x86_64_appstream
gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_x86_64_baseos_latest
gnutls-3.7.6-18.el9_1.src.rpm91424bd7f6f623f903bb7754ee75cbe4d0be19f48225a0cd6ab936f5901963e7-ol9_x86_64_u1_baseos_patch
gnutls-3.7.6-18.el9_1.i686.rpm295f2bb83127bce7acc350157fb242d6d42daeb53de27836196d953729fe9982-ol9_x86_64_baseos_latest
gnutls-3.7.6-18.el9_1.i686.rpm295f2bb83127bce7acc350157fb242d6d42daeb53de27836196d953729fe9982-ol9_x86_64_u1_baseos_patch
gnutls-3.7.6-18.el9_1.x86_64.rpm1f31ba587f2f49f98e1505683e4e83b66966ff0756b82e95e0a7a55f47221adf-ol9_x86_64_baseos_latest
gnutls-3.7.6-18.el9_1.x86_64.rpm1f31ba587f2f49f98e1505683e4e83b66966ff0756b82e95e0a7a55f47221adf-ol9_x86_64_u1_baseos_patch
gnutls-c++-3.7.6-18.el9_1.i686.rpm64235d568f9ab92d38b8f6c9616f07ecb6e65fa721a5aecd99f79b9b254969c2-ol9_x86_64_appstream
gnutls-c++-3.7.6-18.el9_1.x86_64.rpm99f963e0231d081e44b2a4ac718742247781a5b9cbf4e40e0bd663c9c55837f1-ol9_x86_64_appstream
gnutls-dane-3.7.6-18.el9_1.i686.rpmb0cb0d52e19e2f07fd1a091e79b56d90f887417875314736ba17e7646e38fbb9-ol9_x86_64_appstream
gnutls-dane-3.7.6-18.el9_1.x86_64.rpm51d910536c4fa82367051e32c2643fe38932e9ff6575d14ab9350567245ac323-ol9_x86_64_appstream
gnutls-devel-3.7.6-18.el9_1.i686.rpm6782faddc17bfec4b4ab0a53a9984c0be9452fb5e18723ced5559539c7007b93-ol9_x86_64_appstream
gnutls-devel-3.7.6-18.el9_1.x86_64.rpm1596e3cec8d43c5a35e75c55240f6c40b21f850da0d7c5d66f2098fa6a6c5ed6-ol9_x86_64_appstream
gnutls-utils-3.7.6-18.el9_1.x86_64.rpm020fc2b484bf0ed4d694b5eab2bb2944b4d68d149f218880acc822a5419f006c-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete