Description
ELSA-2024-1784: gnutls security update (MODERATE)
[3.6.16-8.3_fips]
- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10_fips
[3.6.16-8.3]
- Fix memleak with older GMP (RHEL-28957)
[3.6.16-8.2]
- Fix timing side-channel in deterministic ECDSA (RHEL-28957)
[3.6.16-8.1]
- auth/rsa-psk: minimize branching after decryption (RHEL-21586)
Updated packages
Oracle Linux 8
Oracle Linux aarch64
gnutls         3.6.16-8.el8_9.3
gnutls         3.6.16-8.el8_9.3_fips
gnutls-c++     3.6.16-8.el8_9.3
gnutls-c++     3.6.16-8.el8_9.3_fips
gnutls-dane    3.6.16-8.el8_9.3
gnutls-dane    3.6.16-8.el8_9.3_fips
gnutls-devel   3.6.16-8.el8_9.3
gnutls-devel   3.6.16-8.el8_9.3_fips
gnutls-utils   3.6.16-8.el8_9.3
gnutls-utils   3.6.16-8.el8_9.3_fips
Oracle Linux x86_64
gnutls         3.6.16-8.el8_9.3
gnutls         3.6.16-8.el8_9.3_fips
gnutls-c++     3.6.16-8.el8_9.3
gnutls-c++     3.6.16-8.el8_9.3_fips
gnutls-dane    3.6.16-8.el8_9.3
gnutls-dane    3.6.16-8.el8_9.3_fips
gnutls-devel   3.6.16-8.el8_9.3
gnutls-devel   3.6.16-8.el8_9.3_fips
gnutls-utils   3.6.16-8.el8_9.3
gnutls-utils   3.6.16-8.el8_9.3_fips
Related CVEs
Related vulnerabilities
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.