ELSA-2025-20284

ULN >
Oracle Linux Errata repository >
ELSA-2025-20284

ELSA-2025-20284 - gnutls security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-04-24

Description

[3.6.16-8.3_fips]
- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length
as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling
rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10

[3.6.16-8.3]
- Backport the fix for CVE-2024-12243

[3.6.16-8.3]
- Fix memleak with older GMP (RHEL-28957)

[3.6.16-8.2]
- Fix timing side-channel in deterministic ECDSA (RHEL-35231)

[3.6.16-8.1]
- auth/rsa-psk: minimize branching after decryption (RHEL-21550)

Related CVEs

CVE-2024-12243

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	gnutls-3.6.16-8.el8_10.3_fips.src.rpm	ee6da899292d41d7d72e1812619e04bda1eccc6be29475a9f19c57cc5d83df86	-	ol8_aarch64_u4_security_validation
	gnutls-3.6.16-8.el8_10.3_fips.aarch64.rpm	6a603081d5ffbf6ff92c1c47565985b357b3424ae0015f39eaed46ba33f37a66	-	ol8_aarch64_u4_security_validation
	gnutls-c++-3.6.16-8.el8_10.3_fips.aarch64.rpm	7a8b775991daaec7a876da06e6a7e4e170f45b59bd21648a80be89b68e6ff28e	-	ol8_aarch64_u4_security_validation
	gnutls-dane-3.6.16-8.el8_10.3_fips.aarch64.rpm	d7fce3aa256b08986831bdf8895f44bcad3688f701e0b5d82cb866ec4c0ba6a6	-	ol8_aarch64_u4_security_validation
	gnutls-devel-3.6.16-8.el8_10.3_fips.aarch64.rpm	5c9398547102f877afa885ba58bfbf8dedcfc8a0f964e8605949204812435596	-	ol8_aarch64_u4_security_validation
	gnutls-utils-3.6.16-8.el8_10.3_fips.aarch64.rpm	0e7ad3a4ee76ff405f0d1a793f5f80c477585dcf47b74aa3319195e86db72c01	-	ol8_aarch64_u4_security_validation

Oracle Linux 8 (x86_64)	gnutls-3.6.16-8.el8_10.3_fips.src.rpm	ee6da899292d41d7d72e1812619e04bda1eccc6be29475a9f19c57cc5d83df86	-	ol8_x86_64_u4_security_validation
	gnutls-3.6.16-8.el8_10.3_fips.i686.rpm	fbbeb4381e5b1ab1a50598b18921a269627367fc3fc65dc08fa515bbfd0d1caa	-	ol8_x86_64_u4_security_validation
	gnutls-3.6.16-8.el8_10.3_fips.x86_64.rpm	ef1e7c568f43c27d35bc3f83be2215e376ec291e042b8e946f16abc63d9ef226	-	ol8_x86_64_u4_security_validation
	gnutls-c++-3.6.16-8.el8_10.3_fips.i686.rpm	bd3f2bfccfbf3b40fed096d58f4c1bb5addef622be4a6d58974439012a760454	-	ol8_x86_64_u4_security_validation
	gnutls-c++-3.6.16-8.el8_10.3_fips.x86_64.rpm	a4f698b10391e50cc1ecc4649e7f674fd5380f639f7f7dfe301131486e74fc46	-	ol8_x86_64_u4_security_validation
	gnutls-dane-3.6.16-8.el8_10.3_fips.i686.rpm	fbdc7955c389d9da52d3499751e7cc4c8bca7e2b6853bdae27224fa2aa148721	-	ol8_x86_64_u4_security_validation
	gnutls-dane-3.6.16-8.el8_10.3_fips.x86_64.rpm	97b83f5ac5ffe11c5e8a955acd17189bd04d511bad41a56b2344f66e3a3ae7e4	-	ol8_x86_64_u4_security_validation
	gnutls-devel-3.6.16-8.el8_10.3_fips.i686.rpm	444a6ae4c29609003322bcdd7ba9d047182856c1fd92765c9690bd41cfafb1fa	-	ol8_x86_64_u4_security_validation
	gnutls-devel-3.6.16-8.el8_10.3_fips.x86_64.rpm	078500239dda2f6ad8b0d2f31a8e0ccce018c8992894b1446b9474518a16ee87	-	ol8_x86_64_u4_security_validation
	gnutls-utils-3.6.16-8.el8_10.3_fips.x86_64.rpm	eb2f16bfd829cd09fc4990e52861c31862d0422db1d593307a6253a3df5bd1dd	-	ol8_x86_64_u4_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691