ELSA-2025-20284

ELSA-2025-20284 - gnutls security update

Type:SECURITY
Impact:MODERATE
Release Date:2025-04-24

Description


[3.6.16-8.3_fips]
- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length
as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling
rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10

[3.6.16-8.3]
- Backport the fix for CVE-2024-12243

[3.6.16-8.3]
- Fix memleak with older GMP (RHEL-28957)

[3.6.16-8.2]
- Fix timing side-channel in deterministic ECDSA (RHEL-35231)

[3.6.16-8.1]
- auth/rsa-psk: minimize branching after decryption (RHEL-21550)


Related CVEs


CVE-2024-12243

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) gnutls-3.6.16-8.el8_10.3_fips.src.rpmee6da899292d41d7d72e1812619e04bda1eccc6be29475a9f19c57cc5d83df86-ol8_aarch64_u4_security_validation
gnutls-3.6.16-8.el8_10.3_fips.aarch64.rpm6a603081d5ffbf6ff92c1c47565985b357b3424ae0015f39eaed46ba33f37a66-ol8_aarch64_u4_security_validation
gnutls-c++-3.6.16-8.el8_10.3_fips.aarch64.rpm7a8b775991daaec7a876da06e6a7e4e170f45b59bd21648a80be89b68e6ff28e-ol8_aarch64_u4_security_validation
gnutls-dane-3.6.16-8.el8_10.3_fips.aarch64.rpmd7fce3aa256b08986831bdf8895f44bcad3688f701e0b5d82cb866ec4c0ba6a6-ol8_aarch64_u4_security_validation
gnutls-devel-3.6.16-8.el8_10.3_fips.aarch64.rpm5c9398547102f877afa885ba58bfbf8dedcfc8a0f964e8605949204812435596-ol8_aarch64_u4_security_validation
gnutls-utils-3.6.16-8.el8_10.3_fips.aarch64.rpm0e7ad3a4ee76ff405f0d1a793f5f80c477585dcf47b74aa3319195e86db72c01-ol8_aarch64_u4_security_validation
Oracle Linux 8 (x86_64) gnutls-3.6.16-8.el8_10.3_fips.src.rpmee6da899292d41d7d72e1812619e04bda1eccc6be29475a9f19c57cc5d83df86-ol8_x86_64_u4_security_validation
gnutls-3.6.16-8.el8_10.3_fips.i686.rpmfbbeb4381e5b1ab1a50598b18921a269627367fc3fc65dc08fa515bbfd0d1caa-ol8_x86_64_u4_security_validation
gnutls-3.6.16-8.el8_10.3_fips.x86_64.rpmef1e7c568f43c27d35bc3f83be2215e376ec291e042b8e946f16abc63d9ef226-ol8_x86_64_u4_security_validation
gnutls-c++-3.6.16-8.el8_10.3_fips.i686.rpmbd3f2bfccfbf3b40fed096d58f4c1bb5addef622be4a6d58974439012a760454-ol8_x86_64_u4_security_validation
gnutls-c++-3.6.16-8.el8_10.3_fips.x86_64.rpma4f698b10391e50cc1ecc4649e7f674fd5380f639f7f7dfe301131486e74fc46-ol8_x86_64_u4_security_validation
gnutls-dane-3.6.16-8.el8_10.3_fips.i686.rpmfbdc7955c389d9da52d3499751e7cc4c8bca7e2b6853bdae27224fa2aa148721-ol8_x86_64_u4_security_validation
gnutls-dane-3.6.16-8.el8_10.3_fips.x86_64.rpm97b83f5ac5ffe11c5e8a955acd17189bd04d511bad41a56b2344f66e3a3ae7e4-ol8_x86_64_u4_security_validation
gnutls-devel-3.6.16-8.el8_10.3_fips.i686.rpm444a6ae4c29609003322bcdd7ba9d047182856c1fd92765c9690bd41cfafb1fa-ol8_x86_64_u4_security_validation
gnutls-devel-3.6.16-8.el8_10.3_fips.x86_64.rpm078500239dda2f6ad8b0d2f31a8e0ccce018c8992894b1446b9474518a16ee87-ol8_x86_64_u4_security_validation
gnutls-utils-3.6.16-8.el8_10.3_fips.x86_64.rpmeb2f16bfd829cd09fc4990e52861c31862d0422db1d593307a6253a3df5bd1dd-ol8_x86_64_u4_security_validation



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete