ALSA-2024:1879

[ALSA-2024:1879] Moderate: gnutls security update

Type:

security

Severity:

moderate

Release date:

2024-04-18

Description:

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: vulnerable to Minerva side-channel information leak (CVE-2024-28834)
* gnutls: potential crash during chain building/verification (CVE-2024-28835)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gnutls-devel-3.7.6-23.el9_3.4.aarch64.rpm	3bce0a64072aae08a596d0bb868c7a926b58a53bd0a4bb48eccf8fc62215c3bd
aarch64	gnutls-3.7.6-23.el9_3.4.aarch64.rpm	8c5eaceedbe6f4ca09de97c1ae91dad75bc3f1bf678524f3b0a263a119541272
aarch64	gnutls-utils-3.7.6-23.el9_3.4.aarch64.rpm	a0e9d627a42e7d6704f2f846d23c3a5debfb3a41a1d1427e1fbcba0d27fd04e5
aarch64	gnutls-c++-3.7.6-23.el9_3.4.aarch64.rpm	ba52b475ad8cac3a85f19b94d629cd73528567c6cde40ba444b2d1daa19a6637
aarch64	gnutls-dane-3.7.6-23.el9_3.4.aarch64.rpm	e0f949bf7a2d79041a3c09cefaa6109792a114c544129141c35a46ede8b8b064
i686	gnutls-dane-3.7.6-23.el9_3.4.i686.rpm	04420f038f63b2b7e9c710721264eb479ec1e34349da3df3149c92a825df053f
i686	gnutls-devel-3.7.6-23.el9_3.4.i686.rpm	59226069f284b5ed749cce7e267301e6729df83fce59b03e666f4cc6685b06d4
i686	gnutls-3.7.6-23.el9_3.4.i686.rpm	7473d486f7aa8811b485487653a81a19365d30d288336045f01f6a7f785768e4
i686	gnutls-c++-3.7.6-23.el9_3.4.i686.rpm	7aee58510b8e52c0fdbe78c8bdb820ef0754fdb8455dc2ded605539dbd964257
ppc64le	gnutls-devel-3.7.6-23.el9_3.4.ppc64le.rpm	3ce7a99bbfd4513ec90469896f557234414a83780b0c637b38aaa7127aed00b5
ppc64le	gnutls-c++-3.7.6-23.el9_3.4.ppc64le.rpm	48e62a7aeca2a7526d92e367604776d262b9ee75a619cf412463e3e4d2b4894f
ppc64le	gnutls-utils-3.7.6-23.el9_3.4.ppc64le.rpm	4e6f2cda34178575058c5a8810c0f0ad271b50936885ba9eab1088fd3f98ff3a
ppc64le	gnutls-3.7.6-23.el9_3.4.ppc64le.rpm	570e24409330e763723c0047f57e826d20ef47647ba2da56d0231148bd64b14d
ppc64le	gnutls-dane-3.7.6-23.el9_3.4.ppc64le.rpm	972a162bb88006f398d21ece2d62bb5603feba01d06afcdf8f990fa721d94c43
s390x	gnutls-c++-3.7.6-23.el9_3.4.s390x.rpm	109668816b4186722c7af108fd354d7be30280e9b0c556cc67654be2b95ae5ef
s390x	gnutls-dane-3.7.6-23.el9_3.4.s390x.rpm	35ae77abb25724b38ba775f1f22e36bb8fc114faa0ee9964a6d506ea0039b118
s390x	gnutls-devel-3.7.6-23.el9_3.4.s390x.rpm	b24878da58c24dbf2ea696b6e32511da6f7fa92ede5c955d51d3a6b4f97c8a9c
s390x	gnutls-utils-3.7.6-23.el9_3.4.s390x.rpm	b6253c8bf2018418946123cc2e5d2391d6fa164d5329387751002d3c9f868572
s390x	gnutls-3.7.6-23.el9_3.4.s390x.rpm	d0aef3bb5af6214e4f42df3f306a15d00603bb708e3fdd373abbf6ae746336b5
x86_64	gnutls-devel-3.7.6-23.el9_3.4.x86_64.rpm	3558a0a97b9c17c4b8769d0ed8aa740ceaeb1c5781cf5f80d0beeb2ad0e3dc0a
x86_64	gnutls-utils-3.7.6-23.el9_3.4.x86_64.rpm	42e0c2301d2a1d4e650f43d89d68d6c3360f64cb28850253b0899ed2d88fcf79
x86_64	gnutls-c++-3.7.6-23.el9_3.4.x86_64.rpm	71f12a775926fda3873ba37d54a0893c978bc48285c4ae8e6b8ca628b9504c76
x86_64	gnutls-3.7.6-23.el9_3.4.x86_64.rpm	91ed884e420cb2eee2ce5ddba26b91b20ce87d7ce42b7afe85085a8d197108d9
x86_64	gnutls-dane-3.7.6-23.el9_3.4.x86_64.rpm	e810b6136e9b55ed69a3a81c426c4c58eb97822de220f7dd89342c4a473ef1a3

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.