ELSA-2023-1141

ULN >
Oracle Linux Errata repository >
ELSA-2023-1141

ELSA-2023-1141 - gnutls security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-03-08

Description

[3.7.6-18]
- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168610)

[3.7.6-17]
- Fix timing side-channel in TLS RSA key exchange (#2162600)

[3.7.6-16]
- fips: extend PCT to DH key generation (#2168610)

[3.7.6-14]
- fips: remove library path checking from FIPS integrity check (#2149638)
- fips: rename hmac file to its previous name (#2149640)

[3.7.6-13]
- cipher: add restriction on CCM tag length under FIPS mode (#2144535)
- nettle: mark non-compliant RSA-PSS salt length to be not-approved (#2144537)

Related CVEs

CVE-2023-0361

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 9 (aarch64)	gnutls-3.7.6-18.el9_1.src.rpm	a8d03e7a8f887c1e48e0b8e918e3a0d4	-
	gnutls-3.7.6-18.el9_1.aarch64.rpm	ba694eb7416bed45fd6753dffbc62fe3	-
	gnutls-c++-3.7.6-18.el9_1.aarch64.rpm	ea39e99f08d16f5a9448664e157984e5	-
	gnutls-dane-3.7.6-18.el9_1.aarch64.rpm	0bd1aa24ea5364772198e8448caad816	-
	gnutls-devel-3.7.6-18.el9_1.aarch64.rpm	c6bfe438f59b69b7fda8e1c10e6424f0	-
	gnutls-utils-3.7.6-18.el9_1.aarch64.rpm	10bf50665dbf6a0cf1b12d994fcf3471	-

Oracle Linux 9 (x86_64)	gnutls-3.7.6-18.el9_1.src.rpm	a8d03e7a8f887c1e48e0b8e918e3a0d4	-
	gnutls-3.7.6-18.el9_1.i686.rpm	2386267924155a3d7e1dd56f44d3cf4c	-
	gnutls-3.7.6-18.el9_1.x86_64.rpm	89bd4519e47b6c0ff51cef314c944441	-
	gnutls-c++-3.7.6-18.el9_1.i686.rpm	f31f052059911e3132bea075dfb21c84	-
	gnutls-c++-3.7.6-18.el9_1.x86_64.rpm	a3c98f86825b06f98ab5d9d0b19fcab3	-
	gnutls-dane-3.7.6-18.el9_1.i686.rpm	f55b8dc1b651073f5d06ea43578995e1	-
	gnutls-dane-3.7.6-18.el9_1.x86_64.rpm	4e02b786d3303be18cab24309ef9b9c8	-
	gnutls-devel-3.7.6-18.el9_1.i686.rpm	d0a306373a69a5d213c8235eedeeedd0	-
	gnutls-devel-3.7.6-18.el9_1.x86_64.rpm	bbde3dda8fa23bb9c4359f1367430cbd	-
	gnutls-utils-3.7.6-18.el9_1.x86_64.rpm	b2f855815c154807cad8ad8bff770b69	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691