[ALSA-2022:6854] Moderate: gnutls and nettle security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2022-10-14
Description:
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. The following packages have been upgraded to a later upstream version: gnutls (3.7.6), nettle (3.8). Security Fix(es): * gnutls: Double free during gnutls_pkcs7_verify. (CVE-2022-2509) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [IBM 9.1] [P10] POWER10 performance enhancements for cryptography: nettle - incremental work (BZ#2102589) * Allow enabling KTLS in AlmaLinux 9.1 (BZ#2108532) * DES-CBC bag is decryptable under FIPS (BZ#2115314) * allow signature verification using RSA keys <2k in FIPS mode (BZ#2119770)
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 gnutls-c++-3.7.6-12.el9_0.aarch64.rpm 031dc7a242f967b64c52515b8b0dc1ca50eb64ae4d9e8917a1fcab890abb96c7
aarch64 gnutls-3.7.6-12.el9_0.aarch64.rpm 12470deaa853b706d92bd155460e4a965217f726a0feafc98226c6dbb6b242db
aarch64 gnutls-utils-3.7.6-12.el9_0.aarch64.rpm 4e69570160bb0c43c43bebda963e04a55f9a394d2c3a17b444dbcb7025d77bf9
aarch64 gnutls-devel-3.7.6-12.el9_0.aarch64.rpm 5a6f33aaa113278fea69d7e276a70563b83c8669c9bf176feb55b9078f6a03c4
aarch64 gnutls-dane-3.7.6-12.el9_0.aarch64.rpm ee6d7c84385497474c9e3f144294c283d6fc85c76ba5ec718a1d2b345aa1dacd
i686 gnutls-dane-3.7.6-12.el9_0.i686.rpm 3f88c538c2d491bf6909772104ea7c10a2102e2ea846a636868a5f413ec1b65d
i686 gnutls-3.7.6-12.el9_0.i686.rpm 4b041c89d39b27edb5b64e50a446e38ef25bcd4d8b9f8ba97f930098f46780c3
i686 gnutls-c++-3.7.6-12.el9_0.i686.rpm 920fd4a0448ceb734c313950eeeaea6ac63a17df6df766b0fa9ca646f261647a
i686 gnutls-devel-3.7.6-12.el9_0.i686.rpm cf5a84f274219d9d19a82b27706b411b39bf1db928bf9011ae257e0cc6a4d6c8
ppc64le gnutls-3.7.6-12.el9_0.ppc64le.rpm 1a8b96d2abc4eb7c132d02f0b5895e97c5bc3b51d7abecb8d2ac47e09d438d5e
ppc64le gnutls-devel-3.7.6-12.el9_0.ppc64le.rpm 3c9631fe17d92cd2303ba8faee9c2cc7a548f48bef7e1d9cce4dc9428d24310d
ppc64le gnutls-c++-3.7.6-12.el9_0.ppc64le.rpm 585d5fcebcb65683873d87f6d7bd82c958c47d31a59745b8815a6e5d9e38c11e
ppc64le gnutls-dane-3.7.6-12.el9_0.ppc64le.rpm 7b758fdd9e0dffff8ba5fc73039f0108402b0aab47f40146b55082de409af4b7
ppc64le gnutls-utils-3.7.6-12.el9_0.ppc64le.rpm 7c60df6eea31c95774619319cfa20684100ca174c9eee028d742506cc8318bb8
s390x gnutls-3.7.6-12.el9_0.s390x.rpm 063d15e485c18faec7d3526b5f6952acf0f7b955e69c20a832df9946c81ea1ca
s390x gnutls-dane-3.7.6-12.el9_0.s390x.rpm 60f0563103d4078c319e4c1a45678c4659627dd592fb111e3bdbabcde040ee3b
s390x gnutls-utils-3.7.6-12.el9_0.s390x.rpm b17a7c6308415346376848dc3ee19f8f29310fd06128d311ece88f6de78acd26
s390x gnutls-devel-3.7.6-12.el9_0.s390x.rpm d78f394ef54194d9f988a69f85e9f2d9b289d651fdedc3fd4d5217c6681f8271
s390x gnutls-c++-3.7.6-12.el9_0.s390x.rpm fd2cd5f4675be1c34f75c47e8fa9d8f5055ce66658aee53a3483ccd4cb81d584
x86_64 gnutls-dane-3.7.6-12.el9_0.x86_64.rpm 28e23c3ed7a3fad46a6481d665708ae5a8b2edcfba7207cf6d46a210867d572e
x86_64 gnutls-c++-3.7.6-12.el9_0.x86_64.rpm 3fc271072cdfbcf56aa9c71e2aab0350ddc1d1e0a36a9ec2a5a1f1a72fb02c0f
x86_64 gnutls-utils-3.7.6-12.el9_0.x86_64.rpm af08f245a024f00f907728abfa6a04915b54b4b684ecffdd048823d111434ecb
x86_64 gnutls-devel-3.7.6-12.el9_0.x86_64.rpm bee6f240b93a5c48eeb1734b8a54ba5855b21fba6669db15111e7bc27b06f4c5
x86_64 gnutls-3.7.6-12.el9_0.x86_64.rpm e549e08518f6f5653027ff8be769ae3db7168f2449c4cc5b893419b9a8ab7136
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.