<oval_definitions xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:red-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:ind-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd">
<generator>
<oval:product_name>Oracle Errata System</oval:product_name>
<oval:product_version>Oracle Linux</oval:product_version>
<oval:schema_version>5.11</oval:schema_version>
<oval:timestamp>2026-06-29T08:26:40</oval:timestamp>
</generator>
<definitions>
<definition id="oval:com.oracle.elsa:def:202650346" version="501" class="patch">
<metadata>
<title>
ELSA-2026-50346:  gnutls  security fix update (IMPORTANT)
</title>
<affected family="unix">
<platform>Oracle Linux 9</platform>

</affected>
<reference source="elsa" ref_id="ELSA-2026-50346" ref_url="https://linux.oracle.com/errata/ELSA-2026-50346.html"/>
<reference source="CVE" ref_id="CVE-2026-33845" ref_url="https://linux.oracle.com/cve/CVE-2026-33845.html"/>
<reference source="CVE" ref_id="CVE-2026-33846" ref_url="https://linux.oracle.com/cve/CVE-2026-33846.html"/>
<reference source="CVE" ref_id="CVE-2026-3832" ref_url="https://linux.oracle.com/cve/CVE-2026-3832.html"/>
<reference source="CVE" ref_id="CVE-2026-3833" ref_url="https://linux.oracle.com/cve/CVE-2026-3833.html"/>
<reference source="CVE" ref_id="CVE-2026-42009" ref_url="https://linux.oracle.com/cve/CVE-2026-42009.html"/>
<reference source="CVE" ref_id="CVE-2026-42010" ref_url="https://linux.oracle.com/cve/CVE-2026-42010.html"/>
<reference source="CVE" ref_id="CVE-2026-42011" ref_url="https://linux.oracle.com/cve/CVE-2026-42011.html"/>
<reference source="CVE" ref_id="CVE-2026-42012" ref_url="https://linux.oracle.com/cve/CVE-2026-42012.html"/>
<reference source="CVE" ref_id="CVE-2026-42013" ref_url="https://linux.oracle.com/cve/CVE-2026-42013.html"/>
<reference source="CVE" ref_id="CVE-2026-42014" ref_url="https://linux.oracle.com/cve/CVE-2026-42014.html"/>
<reference source="CVE" ref_id="CVE-2026-42015" ref_url="https://linux.oracle.com/cve/CVE-2026-42015.html"/>
<reference source="CVE" ref_id="CVE-2026-5260" ref_url="https://linux.oracle.com/cve/CVE-2026-5260.html"/>
<reference source="CVE" ref_id="CVE-2026-5419" ref_url="https://linux.oracle.com/cve/CVE-2026-5419.html"/>

<description>
[3.8.10-4_fips]
- Add FIPS package change: add fips suffix to Release and
  set Epoch to 10 [Orabug: 35925409]
- Update FIPS module name for Oracle Linux [Orabug: 35925409]

[3.8.10-4]
- Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite)
- Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour)
- Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread)
- Fix CVE-2026-42010 (PSK authentication, High, authentication bypass)
- Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free)
- Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread)
- Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite)
- Fix CVE-2026-3832 (OCSP, Low, revocation bypass)
- Fix CVE-2026-5419 (PKCS#7, Low, timing side-channel)
- Fix upstream security issue #1808 (PSK rehandshake)
- Fix upstream security issue #1810 (EKU OID prefix match)
- Fix upstream security issue #1813 (pkcs11-provider persistent keys)
- Fix upstream security issue #1818 (RSA correctness, OpenSSL format import)
- Fix upstream security issue #1819 (PKCS#11 trust removal error path)
- Fix upstream security issue #1822 (SCT extension parser OOB read)
- Fix upstream security issue #1841 (key zeroization in hybrid kex)
- Fix upstream security issue #1823 (malformed certtool template)
- Fix upstream security issue #1817 (session parameter loading robustness)
- Fix upstream security issue #1820 (PKCS#11 KDF succeeding w/o deriving)
- gnutls-3.8.10-CVE-2025-9820.patch: update Makefile.in

[3.8.10-3]
- Fix PKCS#11 token initialization label overflow (CVE-2025-9820)
- Fix name constraint processing performance issue (CVE-2025-14831)

[3.8.10-2]
- Reinstate and update the prematurely dropped rekeying patch

[3.8.10-1]
- Rebase to 3.8.10
- Revert defaulting to PBMAC1 in FIPS mode
- Revert unapproving 1024-, 1280-, 1536- and 1792-bit RSA verification
</description>
<!--
 ~~~~~~~~~~~~~~~~~~~~   advisory details   ~~~~~~~~~~~~~~~~~~~ 
-->
<advisory>
<severity>IMPORTANT</severity>
<rights>Copyright 2026 Oracle, Inc.</rights>
<issued date="2026-06-24"/>
<cve cvss3="7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" href="https://linux.oracle.com/cve/CVE-2026-33845.html" public="20260430">CVE-2026-33845</cve>
<cve cvss3="7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" href="https://linux.oracle.com/cve/CVE-2026-33846.html" public="20260504">CVE-2026-33846</cve>
<cve cvss3="3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" href="https://linux.oracle.com/cve/CVE-2026-3832.html" public="20260430">CVE-2026-3832</cve>
<cve cvss3="6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" href="https://linux.oracle.com/cve/CVE-2026-3833.html" public="20260430">CVE-2026-3833</cve>
<cve cvss3="7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" href="https://linux.oracle.com/cve/CVE-2026-42009.html" public="20260518">CVE-2026-42009</cve>
<cve cvss3="7.1/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" href="https://linux.oracle.com/cve/CVE-2026-42010.html" public="20260507">CVE-2026-42010</cve>
<cve cvss3="7.4/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" href="https://linux.oracle.com/cve/CVE-2026-42011.html" public="20260507">CVE-2026-42011</cve>
<cve cvss3="7.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N" href="https://linux.oracle.com/cve/CVE-2026-42012.html" public="20260526">CVE-2026-42012</cve>
<cve cvss3="8.2/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" href="https://linux.oracle.com/cve/CVE-2026-42013.html" public="20260526">CVE-2026-42013</cve>
<cve cvss3="4.0/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" href="https://linux.oracle.com/cve/CVE-2026-42014.html" public="20260616">CVE-2026-42014</cve>
<cve cvss3="5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" href="https://linux.oracle.com/cve/CVE-2026-42015.html" public="20260526">CVE-2026-42015</cve>
<cve cvss3="8.2/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" href="https://linux.oracle.com/cve/CVE-2026-5260.html" public="20260526">CVE-2026-5260</cve>
<cve cvss3="3.7/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" href="https://linux.oracle.com/cve/CVE-2026-5419.html" public="20260601">CVE-2026-5419</cve>

<affected_cpe_list>
<cpe>cpe:/a:oracle:linux:9::u3_security_validation</cpe>
</affected_cpe_list>
</advisory>
</metadata>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346001" comment="Oracle Linux 9 is installed"/>
<criteria operator="OR">
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346002" comment="Oracle Linux arch is aarch64"/>
<criteria operator="OR">
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346003" comment="gnutls is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346004" comment="gnutls is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346005" comment="gnutls is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346006" comment="gnutls-c++ is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346007" comment="gnutls-c++ is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346008" comment="gnutls-c++ is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346009" comment="gnutls-dane is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346010" comment="gnutls-dane is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346011" comment="gnutls-dane is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346012" comment="gnutls-devel is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346013" comment="gnutls-devel is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346014" comment="gnutls-devel is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346015" comment="gnutls-utils is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346016" comment="gnutls-utils is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346017" comment="gnutls-utils is fips patched"/>
</criteria>
</criteria>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346018" comment="Oracle Linux arch is x86_64"/>
<criteria operator="OR">
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346003" comment="gnutls is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346004" comment="gnutls is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346005" comment="gnutls is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346006" comment="gnutls-c++ is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346007" comment="gnutls-c++ is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346008" comment="gnutls-c++ is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346009" comment="gnutls-dane is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346010" comment="gnutls-dane is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346011" comment="gnutls-dane is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346012" comment="gnutls-devel is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346013" comment="gnutls-devel is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346014" comment="gnutls-devel is fips patched"/>
</criteria>
<criteria operator="AND">
<criterion test_ref="oval:com.oracle.elsa:tst:202650346015" comment="gnutls-utils is earlier than 10:3.8.10-4.el9_8_fips"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346016" comment="gnutls-utils is signed with the Oracle Linux 9 key"/>
<criterion test_ref="oval:com.oracle.elsa:tst:202650346017" comment="gnutls-utils is fips patched"/>
</criteria>
</criteria>
</criteria>
</criteria>
</criteria>

</definition>
</definitions>
<!--
 ~~~~~~~~~~~~~~~~~~~~~   rpminfo tests   ~~~~~~~~~~~~~~~~~~~~~ 
-->
<tests>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346001"  version="501" comment="Oracle Linux 9 is installed" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346001" />
<state state_ref="oval:com.oracle.elsa:ste:202650346003" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346002"  version="501" comment="Oracle Linux arch is aarch64" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346001" />
<state state_ref="oval:com.oracle.elsa:ste:202650346004" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346003"  version="501" comment="gnutls is earlier than 10:3.8.10-4.el9_8_fips" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346002" />
<state state_ref="oval:com.oracle.elsa:ste:202650346005" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346004"  version="501" comment="gnutls is signed with the Oracle Linux 9 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346002" />
<state state_ref="oval:com.oracle.elsa:ste:202650346001" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346005"  version="501" comment="gnutls is fips patched" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346002" />
<state state_ref="oval:com.oracle.elsa:ste:202650346002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346006"  version="501" comment="gnutls-c++ is earlier than 10:3.8.10-4.el9_8_fips" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346003" />
<state state_ref="oval:com.oracle.elsa:ste:202650346005" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346007"  version="501" comment="gnutls-c++ is signed with the Oracle Linux 9 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346003" />
<state state_ref="oval:com.oracle.elsa:ste:202650346001" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346008"  version="501" comment="gnutls-c++ is fips patched" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346003" />
<state state_ref="oval:com.oracle.elsa:ste:202650346002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346009"  version="501" comment="gnutls-dane is earlier than 10:3.8.10-4.el9_8_fips" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346004" />
<state state_ref="oval:com.oracle.elsa:ste:202650346005" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346010"  version="501" comment="gnutls-dane is signed with the Oracle Linux 9 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346004" />
<state state_ref="oval:com.oracle.elsa:ste:202650346001" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346011"  version="501" comment="gnutls-dane is fips patched" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346004" />
<state state_ref="oval:com.oracle.elsa:ste:202650346002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346012"  version="501" comment="gnutls-devel is earlier than 10:3.8.10-4.el9_8_fips" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346005" />
<state state_ref="oval:com.oracle.elsa:ste:202650346005" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346013"  version="501" comment="gnutls-devel is signed with the Oracle Linux 9 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346005" />
<state state_ref="oval:com.oracle.elsa:ste:202650346001" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346014"  version="501" comment="gnutls-devel is fips patched" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346005" />
<state state_ref="oval:com.oracle.elsa:ste:202650346002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346015"  version="501" comment="gnutls-utils is earlier than 10:3.8.10-4.el9_8_fips" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346006" />
<state state_ref="oval:com.oracle.elsa:ste:202650346005" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346016"  version="501" comment="gnutls-utils is signed with the Oracle Linux 9 key" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346006" />
<state state_ref="oval:com.oracle.elsa:ste:202650346001" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346017"  version="501" comment="gnutls-utils is fips patched" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346006" />
<state state_ref="oval:com.oracle.elsa:ste:202650346002" />
</rpminfo_test>
<rpminfo_test id="oval:com.oracle.elsa:tst:202650346018"  version="501" comment="Oracle Linux arch is x86_64" check="at least one" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux">
<object object_ref="oval:com.oracle.elsa:obj:202650346001" />
<state state_ref="oval:com.oracle.elsa:ste:202650346006" />
</rpminfo_test>

</tests>
<!--
 ~~~~~~~~~~~~~~~~~~~~   rpminfo objects   ~~~~~~~~~~~~~~~~~~~~ 
-->
<objects>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346004" version="501">
<name>gnutls-dane</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346001" version="501">
<name>oraclelinux-release</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346006" version="501">
<name>gnutls-utils</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346005" version="501">
<name>gnutls-devel</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346003" version="501">
<name>gnutls-c++</name>
</rpminfo_object>
<rpminfo_object xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:obj:202650346002" version="501">
<name>gnutls</name>
</rpminfo_object>
</objects>
<states>
<!--
 ~~~~~~~~~~~~~~~~~~~~   rpminfo states   ~~~~~~~~~~~~~~~~~~~~~ 
-->
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346001" version="501">
<signature_keyid operation="equals">bc4d06a08d8b756f</signature_keyid>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346002" version="501">
<release operation="pattern match">fips</release>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346003" version="501">
<version operation="pattern match">^9</version>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346004" version="501">
<arch operation="pattern match">aarch64</arch>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346005" version="501">
<evr datatype="evr_string" operation="less than">10:3.8.10-4.el9_8_fips</evr>
</rpminfo_state>
<rpminfo_state xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" id="oval:com.oracle.elsa:ste:202650346006" version="501">
<arch operation="pattern match">x86_64</arch>
</rpminfo_state>

</states>
</oval_definitions>
