ELSA-2024-12364

ULN >
Oracle Linux Errata repository >
ELSA-2024-12364

ELSA-2024-12364 - gnutls security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-08

Description

[3.8.3-4_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35925409]
- Update FIPS module name for Oracle Linux [Orabug: 35925409]

[3.8.3-4]
- Bump release to ensure el9 package is greater than el9_* packages

[3.8.3-3]
- Bump release to ensure el9 package is greater than el9_* packages

[3.8.3-2]
- Fix timing side-channel in deterministic ECDSA (RHEL-28959)
- Fix potential crash during chain building/verification (RHEL-28954)

[3.8.3-1]
- Update to gnutls 3.8.3 (RHEL-14891)

[3.8.2-3]
- Skip KTLS test exercising ChaCha20-Poly1305 in TLS 1.3 as well (RHEL-18498)

[3.8.2-2]
- Bump nettle dependency to 3.9.1
- Skip KTLS test exercising ChaCha20-Poly1305 in TLS 1.2 (RHEL-18498)

[3.8.2-1]
- Update to gnutls 3.8.2 (RHEL-14891)

Related CVEs

CVE-2024-28834

CVE-2024-28835

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	gnutls-3.8.3-4.el9_4_fips.src.rpm	cbf2c088b94322ddf6b322b9200b4d805cdcd6f2993b6467fcb95b95a510fb09	-	ol9_aarch64_u3_security_validation
	gnutls-3.8.3-4.el9_4_fips.aarch64.rpm	6e86d696028a27d0bfd2f184514a0eff6ea86f4d6a5f84fe160d573478da47db	-	ol9_aarch64_u3_security_validation
	gnutls-c++-3.8.3-4.el9_4_fips.aarch64.rpm	e3f09f09125b4641ea9b5d3299d22db131a82824612b7d3054b1a28b96ccf9fb	-	ol9_aarch64_u3_security_validation
	gnutls-dane-3.8.3-4.el9_4_fips.aarch64.rpm	ef3fdf97a12d967b3a1e4eb1b701660c0e63516b3e8d9c4a3d311bcb65a427e9	-	ol9_aarch64_u3_security_validation
	gnutls-devel-3.8.3-4.el9_4_fips.aarch64.rpm	722aecbb74ac175528d19312ac0bbc1620c2d45afe08cef62860591edd27e3a6	-	ol9_aarch64_u3_security_validation
	gnutls-utils-3.8.3-4.el9_4_fips.aarch64.rpm	da64f860f50c62714ecfc9b74c487d9a09f9a13a80eea0f1ded4e85048536608	-	ol9_aarch64_u3_security_validation

Oracle Linux 9 (x86_64)	gnutls-3.8.3-4.el9_4_fips.src.rpm	cbf2c088b94322ddf6b322b9200b4d805cdcd6f2993b6467fcb95b95a510fb09	-	ol9_x86_64_u3_security_validation
	gnutls-3.8.3-4.el9_4_fips.i686.rpm	9d65c5028149ab54338792d95ae4ede4ce131abb26aeb7d66956fd7a48246b02	-	ol9_x86_64_u3_security_validation
	gnutls-3.8.3-4.el9_4_fips.x86_64.rpm	3869e08f247bd3646e9208add9b953394de2c33d337ef5d98f913fa11cb7aa37	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.8.3-4.el9_4_fips.i686.rpm	257769049870f9f932e42c3f8156e4499241249be9b9f315b8e93dfd6140c1f8	-	ol9_x86_64_u3_security_validation
	gnutls-c++-3.8.3-4.el9_4_fips.x86_64.rpm	288e8dbacc96c7d4eee4a70a941df4edc10dba7afbe4e2f6935acd3f253f14b8	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.8.3-4.el9_4_fips.i686.rpm	f03a7912551d11622a54acf28a509172f315d2dca22b8337d2bec54fd3315bf7	-	ol9_x86_64_u3_security_validation
	gnutls-dane-3.8.3-4.el9_4_fips.x86_64.rpm	3fa327ee3f094ac7952dc1c463b2bcded3d75c506ca2caa4465d0d4e52405aa7	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.8.3-4.el9_4_fips.i686.rpm	b8a592c5e376a19ae2042fd8889fb7f4362be5bc383e839ec425f842fa68c15c	-	ol9_x86_64_u3_security_validation
	gnutls-devel-3.8.3-4.el9_4_fips.x86_64.rpm	9afb33beb2a6d9d9d82f1e9e3369ab7128bccde7b37881697d127fa10dd1d426	-	ol9_x86_64_u3_security_validation
	gnutls-utils-3.8.3-4.el9_4_fips.x86_64.rpm	e9ff775a7016d1cf71f8b382e6ad930c9eccd29ff01646c6d71854124d8fab8c	-	ol9_x86_64_u3_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691