Oracle Errata SystemOracle Linux5.32021-11-16T23:22:42
ELSA-2021-4451: gnutls and nettle security, bug fix, and enhancement update (MODERATE)
Oracle Linux 8
gnutls
[3.6.16-4]
- p11tool: Document ID reuse behavior when importing certs (#1776250)
[3.6.16-3]
- Treat SHA-1 signed CA in the trusted set differently (#1965445)
[3.6.16-2]
- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)
[3.6.16-1]
- Update to upstream 3.6.16 release (#1956783)
- Fix potential use-after-free in key_share handling (#1927597)
- Fix potential use-after-free in pre_shared_key handling (#1927593)
- Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
- Fix cert expiration issue in tests (#1908110)
[3.6.14-10]
- Port fixes for potential miscalculation in ecdsa_verify (#1942931)
[3.6.14-9]
- Revert the previous change
nettle
[3.4.1-7]
- Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990)
[3.4.1-6]
- Enable CTR mode optimization when the block size is 16
[3.4.1-5]
- Backport powerpc64 optimization patches from upstream (#1855228)
Patch from Christopher M. Riedl.
MODERATECopyright 2021 Oracle, Inc.CVE-2021-20232CVE-2021-3580CVE-2021-20231nettle-develgnutls-daneoraclelinux-releasenettlegnutls-utilsgnutls-develgnutls-c++gnutls82562ea9ad986da3^8aarch640:3.6.16-4.el80:3.4.1-7.el8x86_64