ELSA-2024-12336

ULN >
Oracle Linux Errata repository >
ELSA-2024-12336

ELSA-2024-12336 - gnutls security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-04-19

Description

[3.7.6-23.4_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35925409]
- Update FIPS module name for Oracle Linux [Orabug: 35925409]
- Verify salt length and iteration count for PBKDF [Orabug: 35925409]

[3.7.6-23.4]
- Fix timing side-channel in deterministic ECDSA (RHEL-28958)
- Fix potential crash during chain building/verification (RHEL-28953)

[3.7.6-23.3]
- x509: detect loop in certificate chain (RHEL-21759)
- fips: Zeroize temporary values in integrity check (RHEL-21870)

[3.7.6-23.2]
- auth/rsa_psk: minimize branching after decryption

[3.7.6-23.1]
- auth/rsa_psk: side-step potential side-channel (RHEL-16755)

[3.7.6-23]
- Mark SHA-1 signature verification non-approved in FIPS (#2102751)

[3.7.6-22]
- Skip KTLS test on old kernel if host and target arches are different

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	gnutls-3.7.6-23.el9_3.4_fips.src.rpm	90ac854dc89000dc434aa931ef6e7b6399e94f70265e9b3d4b01652d9171ce58	-	ol9_aarch64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.aarch64.rpm	04c0889ecef167548318d6251d6058a953eca5fc313584a41e82b5e9545347e3	-	ol9_aarch64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.aarch64.rpm	b9c308927ff93f25e7802af10c71ae0e41e1023924820904ee82862bb4226e58	-	ol9_aarch64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.aarch64.rpm	8f3e13498bd7b3d9c23898b72d0f30f6d5611db2ae1f2676db9b11f4ae74b01a	-	ol9_aarch64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.aarch64.rpm	e929dea656909c2c1f1eb6a3e121ac4af5823eb157468403ffcb295ec0f96016	-	ol9_aarch64_u3_security_validation
	gnutls-utils-3.7.6-23.el9_3.4_fips.aarch64.rpm	f2ee871dbfe6968eaf3070053d6dd774f663964cb61c58508f5f63fbf8e924a5	-	ol9_aarch64_u3_security_validation

Oracle Linux 9 (x86_64)	gnutls-3.7.6-23.el9_3.4_fips.src.rpm	90ac854dc89000dc434aa931ef6e7b6399e94f70265e9b3d4b01652d9171ce58	-	ol9_x86_64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.i686.rpm	9d049c3c741080a654cfb546f8d92af775a16ba275b45de6bd63c32bec48c90e	-	ol9_x86_64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.x86_64.rpm	7401039907461a3464f4bbfe2efd4ddcbbd13bf28f30d43437eaac098029d907	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.i686.rpm	69a05c4c5782a0eb14b2eb7cd9f6ce57662f3c0c3d564d3c87c550942cc74dc0	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.x86_64.rpm	a1c13e1b3deb42d1bd626fdc6afbee424701d5b201917c1d3ea5db72bf6bba60	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.i686.rpm	aa8bc4ea44790bd0c1506e76d21cf313f7eed9410e2a7e3229b8f1c097cdc19a	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.x86_64.rpm	357c63f4eb9b1ae1267f653c83881041d3d66dc1c6d4a40c8ee64f1b68ce38c4	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.i686.rpm	99e839c4296e8444d83c56a2f5a86cd95660f906a709b8b1584841149d619d53	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.x86_64.rpm	76232b712cdd68c0c70f8303abbe3397430db9a9a493cdfc8ebb4971e6844334	-	ol9_x86_64_u3_security_validation
	gnutls-utils-3.7.6-23.el9_3.4_fips.x86_64.rpm	f58ab2bfc9398605c4ef945c718127554c27c0d01a2a02f1bdcdd14474e4b032	-	ol9_x86_64_u3_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691