[CLSA-2024:1710184399] gnutls: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2024-03-11 19:13:22 UTC
Description:
- Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use _gnutls_switch_lib_state for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side channel attacks. - CVE-2023-5981: removes branching that depends on secret data to prevent potential side-channel attack. - CVE-2024-0553: minimize branching after decryption.
Updated packages:
  • gnutls-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
    sha:df8f25dac01b6abc52b74e3e39bbbe520723d4e1
  • gnutls-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
    sha:8461900ebaceb6425a4389b937f6c6899ab2691b
  • gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
    sha:ba0f50308a0e95f9dedbdd4c677e4030d428e8ed
  • gnutls-c++-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
    sha:08ad1fee55b178c6b40e91204ae111f2997656b4
  • gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
    sha:427c670552afe57210ae6cfe3628d7ecc56cc6e4
  • gnutls-dane-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
    sha:0f2ab15fdd7167bca864cad0bbea64887b0d0d49
  • gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.i686.rpm
    sha:8b6dd527a1d651c4900fd42a78ae3ea214018d96
  • gnutls-devel-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
    sha:b871cbdd4c9b4608b44a825e3a8982d0a3e7218b
  • gnutls-utils-3.3.29-9.el7_9.tuxcare.els1.x86_64.rpm
    sha:f5f370f97d8d007288267dec683ab8e38292c3d2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.