ALSA-2024:0533

[ALSA-2024:0533] Moderate: gnutls security update

Type:

security

Severity:

moderate

Release date:

2024-01-29

Description:

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: timing side-channel in the RSA-PSK authentication (CVE-2023-5981)
* gnutls: incomplete fix for CVE-2023-5981 (CVE-2024-0553)
* gnutls: rejects certificate chain with distributed trust (CVE-2024-0567)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gnutls-3.7.6-23.el9_3.3.aarch64.rpm	4f541ef9deea0697edb4ab419c077074164b5d0fc312b6b38528772cb8db7af3
aarch64	gnutls-devel-3.7.6-23.el9_3.3.aarch64.rpm	6138988f48bf745eba563d5f7f6a9949dd2ed45b7d04fde69963f81464c7f2ad
aarch64	gnutls-dane-3.7.6-23.el9_3.3.aarch64.rpm	9665a322bda65e3859de91325eb0c4415df4235b97ae119fdd912909bb1a63ee
aarch64	gnutls-c++-3.7.6-23.el9_3.3.aarch64.rpm	b3e3ca99d909a950923092ebb8d61f04c2e3613692a5a958c68477135034ff13
aarch64	gnutls-utils-3.7.6-23.el9_3.3.aarch64.rpm	cc982c6d147e0891a49c3eade249706b1d7943d7355b2187fdfe87f1a99ea062
i686	gnutls-dane-3.7.6-23.el9_3.3.i686.rpm	1348b4f05f2959f7d9af564d82b0e8d70ca9b1083c58c7f18dc2a7a386d130e4
i686	gnutls-3.7.6-23.el9_3.3.i686.rpm	24c0361cb2ce5bfa0e5a3a8f8f17968403a3c3ef7f55847f41c7edeb0fb453f0
i686	gnutls-devel-3.7.6-23.el9_3.3.i686.rpm	79c9547c54e78057e4eed301abc0deda166641b35c2da88cc69f9fe07d5f41b5
i686	gnutls-c++-3.7.6-23.el9_3.3.i686.rpm	84df875a0aae07ea943fccb91fb524c5482c42750253569a3e2b43a7ad24937e
ppc64le	gnutls-c++-3.7.6-23.el9_3.3.ppc64le.rpm	28cbbc2954068b082c04c215adf12a999528a72efff806fd8cc45725097eb1dc
ppc64le	gnutls-3.7.6-23.el9_3.3.ppc64le.rpm	4f047bb6b1ed7d0a60714cfbe7fd3563c5515ab4944f08ca5f60c0f9fcd0676f
ppc64le	gnutls-devel-3.7.6-23.el9_3.3.ppc64le.rpm	60d086a761ec8626817029700b1ca2db1cba83138ce7afb7efbe73ce2ee49114
ppc64le	gnutls-dane-3.7.6-23.el9_3.3.ppc64le.rpm	f346bc80ac32c03ea6056bee8078b315e6561eebf2df9644797b10fd7a43f034
ppc64le	gnutls-utils-3.7.6-23.el9_3.3.ppc64le.rpm	f9f8b35066926620d0a3191dbe2cce1906563a533846e5544a570fb2783ca91a
s390x	gnutls-devel-3.7.6-23.el9_3.3.s390x.rpm	4579af9ab635ab3281fe125b5f465a1bfd6b5cb1c1221f47340fab2605b99c49
s390x	gnutls-dane-3.7.6-23.el9_3.3.s390x.rpm	64b4f828c6cfd44c8f9cf70efeaead8b13d9ad888cd3388d5f73468ae33a76ed
s390x	gnutls-utils-3.7.6-23.el9_3.3.s390x.rpm	807743077141845f2027f2d54566ff90cef3e2aaf86a6a86d0b036c571f19d26
s390x	gnutls-c++-3.7.6-23.el9_3.3.s390x.rpm	8cb8969b811129475ef345a8f83a9c61507a4466a5cb71976c8016f8965b4b3f
s390x	gnutls-3.7.6-23.el9_3.3.s390x.rpm	d8e57edbafa89d7d9dbca3b6c4c2bf0a4efa1fd5741e055ea87eabc03c639c8c
x86_64	gnutls-3.7.6-23.el9_3.3.x86_64.rpm	b20bb707d8f9f27eba48ddce817752383a32e91201aa74963293f661f9597624
x86_64	gnutls-utils-3.7.6-23.el9_3.3.x86_64.rpm	ba05ebf82d146c57cc85fe3b953342ff2c9721709a50003ea71a08043eb1492c
x86_64	gnutls-c++-3.7.6-23.el9_3.3.x86_64.rpm	baf542d3f343fc36857ea5109a38971ff7a35797d405cc3448651afbb0f807fc
x86_64	gnutls-dane-3.7.6-23.el9_3.3.x86_64.rpm	ebf0963cfaa8c7cdd8c19aa878679ef387cbe061dcd69784df4081879af4b737
x86_64	gnutls-devel-3.7.6-23.el9_3.3.x86_64.rpm	f6012d17f2141db2969c708836d9b3494ae110416262ee6286c496b2acc2283a

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.