OVMSA-2017-0054 - gnutls security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2017-03-29 |
Description
[2.12.23-21]
- Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes
(#1326389, #1326073, #1323215, #1320982, #1328205, #1321112)
- Modified gnutls-serv to accept --sni-hostname (#1333521)
- Modified gnutls-serv to always reply with an alert message (#1327656)
- Removed support for DSA2 as it causes interoperability issues (#1321112)
- Allow sending and receiving certificates which were not in the
signature algorithms extension (#1328205)
- Removed support for EXPORT ciphersuites (#1337460)
- Raised the minimum acceptable DH size to 1024 (#1335924)
- Restricted the number of alert that can be received during handshake (#1388730)
- Added fixes for OpenPGP parsing issues (CVE-2017-5337, CVE-2017-5336, CVE-2017-5335)
- The exposed (but internal) crypto back-end registration API is deprecated and no
longer functional. The ABI is kept compatible (#1415682)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | gnutls-2.12.23-21.el6.src.rpm | 428444894803b9279d218fb3faefd2d8c617a74cb540458ce3efc64d5190751a | - | ovm3_x86_64_3.3_patch |
| gnutls-2.12.23-21.el6.x86_64.rpm | d1c53eda38b302d127b756b7ccd986b9e5e09a298845d2d125bb0c0fd1de6e9b | - | ovm3_x86_64_3.3_patch |
|
| Oracle VM 3.4 (x86_64) | gnutls-2.12.23-21.el6.src.rpm | 428444894803b9279d218fb3faefd2d8c617a74cb540458ce3efc64d5190751a | - | ovm34_x86_64_latest |
| gnutls-2.12.23-21.el6.x86_64.rpm | d1c53eda38b302d127b756b7ccd986b9e5e09a298845d2d125bb0c0fd1de6e9b | - | ovm34_x86_64_latest |
| gnutls-utils-2.12.23-21.el6.x86_64.rpm | c7db83e1eea5e16ee0565dddcbbf0448aa6372662362e43cf70d9e10a3c4027d | - | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
