ELSA-2024-12336

ULN >
Oracle Linux Errata repository >
ELSA-2024-12336

ELSA-2024-12336 - gnutls security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-04-19

Description

[3.7.6-23.4_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35925409]
- Update FIPS module name for Oracle Linux [Orabug: 35925409]
- Verify salt length and iteration count for PBKDF [Orabug: 35925409]

[3.7.6-23.4]
- Fix timing side-channel in deterministic ECDSA (RHEL-28958)
- Fix potential crash during chain building/verification (RHEL-28953)

[3.7.6-23.3]
- x509: detect loop in certificate chain (RHEL-21759)
- fips: Zeroize temporary values in integrity check (RHEL-21870)

[3.7.6-23.2]
- auth/rsa_psk: minimize branching after decryption

[3.7.6-23.1]
- auth/rsa_psk: side-step potential side-channel (RHEL-16755)

[3.7.6-23]
- Mark SHA-1 signature verification non-approved in FIPS (#2102751)

[3.7.6-22]
- Skip KTLS test on old kernel if host and target arches are different

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	gnutls-3.7.6-23.el9_3.4_fips.src.rpm	040111371e96dbe8a4a3c14355a40e26	-	ol9_aarch64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.aarch64.rpm	1a8d5a6af5b59ac458912fc7977efaad	-	ol9_aarch64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.aarch64.rpm	51d317ce329f7f5f6d752e59e90cfad0	-	ol9_aarch64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.aarch64.rpm	8ada1553ca5061ec097c4639e486f293	-	ol9_aarch64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.aarch64.rpm	33a4864c9fdabd5840f288ff212c7fa7	-	ol9_aarch64_u3_security_validation
	gnutls-utils-3.7.6-23.el9_3.4_fips.aarch64.rpm	3e67d7e8b8cca4c81017d624f9dc1b2d	-	ol9_aarch64_u3_security_validation

Oracle Linux 9 (x86_64)	gnutls-3.7.6-23.el9_3.4_fips.src.rpm	040111371e96dbe8a4a3c14355a40e26	-	ol9_x86_64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.i686.rpm	13611a22018103fbc6e6356dace46cc8	-	ol9_x86_64_u3_security_validation
	gnutls-3.7.6-23.el9_3.4_fips.x86_64.rpm	2e8377b89f8e5f5ed6b1df9619acda44	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.i686.rpm	5f53d897943eeaa404f66611e9f9e5ba	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.7.6-23.el9_3.4_fips.x86_64.rpm	9772e775df308984c9f27beed4c1dd22	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.i686.rpm	91d7909503fe83540f8dd05bada14311	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.7.6-23.el9_3.4_fips.x86_64.rpm	84867136b2dda36c3c7b84b35ff77e62	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.i686.rpm	0975db20fd9f4a9c1b5e0f6d8fd60720	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.7.6-23.el9_3.4_fips.x86_64.rpm	982cfb6390a28fa9fad86c0d7709909c	-	ol9_x86_64_u3_security_validation
	gnutls-utils-3.7.6-23.el9_3.4_fips.x86_64.rpm	80be42052ccdae02e7ef088078e06e56	-	ol9_x86_64_u3_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691