ALSA-2024:2570

[ALSA-2024:2570] Moderate: gnutls security update

Type:

security

Severity:

moderate

Release date:

2024-05-07

Description:

The gnutls package provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: vulnerable to Minerva side-channel information leak (CVE-2024-28834)
* gnutls: potential crash during chain building/verification (CVE-2024-28835)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gnutls-utils-3.8.3-4.el9_4.aarch64.rpm	5925736c86c1dde5b865d19d6df258d7778b5323b380e4a463824ec0e09902cb
aarch64	gnutls-3.8.3-4.el9_4.aarch64.rpm	69043fc0bd88cc72057d00d93f0936eb1f81718a7a55db1cf4381a33af2c615d
aarch64	gnutls-dane-3.8.3-4.el9_4.aarch64.rpm	77cff1f0c5227470010c8acf6900f087571203fb9363dd742660cc0a8afddb20
aarch64	gnutls-devel-3.8.3-4.el9_4.aarch64.rpm	935e17aec712bc1e9ca2ae37ce99d1751f70558ea58660ce9ed4c61b2ceb6b91
aarch64	gnutls-c++-3.8.3-4.el9_4.aarch64.rpm	9de26802e01f638d49c68e659bc0de70b26cebc62f93feb31934dab65361004c
i686	gnutls-3.8.3-4.el9_4.i686.rpm	64cf0b0136d3f9b80b07ce2d4b8ce6a4ab86617e8ef9baf560bdfa5edef825ea
i686	gnutls-c++-3.8.3-4.el9_4.i686.rpm	7d544c1f1263d94a4d9fc650f0584f4d906e825227c79b1bf860e5179c8026a0
i686	gnutls-devel-3.8.3-4.el9_4.i686.rpm	847ec0f737e412e1771c5b953372c4e3e946e3d32185bbd11c2c6eb457a7ab69
i686	gnutls-dane-3.8.3-4.el9_4.i686.rpm	ca4fb9334e85de803bd5210a8bf04bfbe94e8c779eca65609672d21d4a415bee
ppc64le	gnutls-3.8.3-4.el9_4.ppc64le.rpm	4208b71da03cb20a07cd1f8afc92a019de75f35d5d273682d19a644aba02b009
ppc64le	gnutls-utils-3.8.3-4.el9_4.ppc64le.rpm	b9c77d86bfe57622499bb88eb2086ecf8b66bda786ee1730bf502295160f9625
ppc64le	gnutls-dane-3.8.3-4.el9_4.ppc64le.rpm	c3bfbebc512ef56c09d0de990d7d2e1f9deb0b61e2657a0d800cd6aa4164b276
ppc64le	gnutls-devel-3.8.3-4.el9_4.ppc64le.rpm	ca06a15b5104588b9f8191ee42df583b819c9218a2eda7238e9b5f2b0cc48fd3
ppc64le	gnutls-c++-3.8.3-4.el9_4.ppc64le.rpm	e4e46d7bedbf5145a9a0ab2daf720edfa7a0cb5bf691b516c8594afcdd438815
s390x	gnutls-3.8.3-4.el9_4.s390x.rpm	1c8a96e8b14d148ecf74910c829b8945053affd8cc9c40784de2e47fdd740fd3
s390x	gnutls-devel-3.8.3-4.el9_4.s390x.rpm	366c5713c169f96c0c074124b7aebff39d4dbfcd356c3f7114c6d56baddf33ba
s390x	gnutls-dane-3.8.3-4.el9_4.s390x.rpm	4e908018cef8a8452120963ad86ac91cba0d86b67ef14aed6a924e38d9a1f193
s390x	gnutls-c++-3.8.3-4.el9_4.s390x.rpm	7656fa22b659a9b422a0a5e947510ee4a6b49bd6f5781db3ae6f80ace70c2103
s390x	gnutls-utils-3.8.3-4.el9_4.s390x.rpm	ba3a3e6387654ff3316b404d9369e20f61f63f4fc0b86587b617d45706a1e3b2
x86_64	gnutls-utils-3.8.3-4.el9_4.x86_64.rpm	0e27d8f4ecbe708064779b252cd4f8afede90c9b70c92a1844815601c6baa3be
x86_64	gnutls-3.8.3-4.el9_4.x86_64.rpm	16c48c504fe62f8e19cac7c6442d3e08bba487f610c2f533116dac32357cda86
x86_64	gnutls-devel-3.8.3-4.el9_4.x86_64.rpm	5262d26693f13eccd5888a0abf5ca02b1c514656496cf8bb0cd169be172a66bb
x86_64	gnutls-c++-3.8.3-4.el9_4.x86_64.rpm	90ce2c078a724affc5c8eddf286ed0fb064b372ebea51b1e181e7780ab320d8e
x86_64	gnutls-dane-3.8.3-4.el9_4.x86_64.rpm	9ff258bd830af4f2712b17bea40299573fa2d8fe24ec01bd89d19081e7b422c1

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.