SUSE-SU-2024:0638-2

Опубликовано: 13 мая 2024

Источник: suse-cvrf

Описание

Security update for gnutls

This update for gnutls fixes the following issues:

CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862).
CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865).

Список пакетов

Container bci/php-apache:latest

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

Container bci/php-fpm:latest

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

Container bci/php:latest

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

Image SLES15-SP4-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS-Aliyun

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-HPC-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Hardened-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Hardened-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Hardened-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Hardened-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-Micro-5-4-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Azure-LI-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Azure-VLI-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-BYOS

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-BYOS-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-BYOS-EC2

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-BYOS-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-BYOS

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAP-Hardened-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAPCAL

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAPCAL-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAPCAL-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SAPCAL-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Azure-3P

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Azure-Basic

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Azure-Standard

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-Aliyun

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-GDC

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-CHOST-BYOS-SAP-CCloud

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-HPC-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-HPC-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-HPC-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-HPC-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Hardened-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Hardened-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Hardened-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Proxy-5-0-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-EC2-llc

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Manager-Server-5-0-EC2-ltd

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-BYOS-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-BYOS-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-BYOS-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-Micro-5-5-GCE

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Azure-3P

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Azure-LI-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Azure-VLI-BYOS

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-BYOS-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-BYOS-EC2

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-BYOS-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Hardened-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAP-Hardened-GCE

gnutls-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAPCAL-Azure

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAPCAL-EC2

libgnutls30-3.7.3-150400.4.41.3

Image SLES15-SP5-SAPCAL-GCE

libgnutls30-3.7.3-150400.4.41.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

SUSE Linux Enterprise Server 15 SP4-LTSS

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

SUSE Manager Proxy 4.3

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

SUSE Manager Server 4.3

gnutls-3.7.3-150400.4.41.3

libgnutls-devel-3.7.3-150400.4.41.3

libgnutls30-3.7.3-150400.4.41.3

libgnutls30-32bit-3.7.3-150400.4.41.3

libgnutls30-hmac-3.7.3-150400.4.41.3

libgnutls30-hmac-32bit-3.7.3-150400.4.41.3

libgnutlsxx-devel-3.7.3-150400.4.41.3

libgnutlsxx28-3.7.3-150400.4.41.3

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20240638-2/
Link for SUSE-SU-2024:0638-2
https://lists.suse.com/pipermail/sle-updates/2024-May/035244.html
E-Mail link for SUSE-SU-2024:0638-2
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1218862
SUSE Bug 1218862
https://bugzilla.suse.com/1218865
SUSE Bug 1218865
https://www.suse.com/security/cve/CVE-2024-0553/
SUSE CVE CVE-2024-0553 page
https://www.suse.com/security/cve/CVE-2024-0567/
SUSE CVE CVE-2024-0567 page

Описание

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

Затронутые продукты

Container bci/php-apache:latest:libgnutls30-3.7.3-150400.4.41.3

Container bci/php-apache:latest:libgnutls30-hmac-3.7.3-150400.4.41.3

Container bci/php-fpm:latest:libgnutls30-3.7.3-150400.4.41.3

Container bci/php-fpm:latest:libgnutls30-hmac-3.7.3-150400.4.41.3

Ссылки

https://www.suse.com/security/cve/CVE-2024-0553.html
CVE-2024-0553
https://bugzilla.suse.com/1218865
SUSE Bug 1218865

Описание

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

Затронутые продукты

Container bci/php-apache:latest:libgnutls30-3.7.3-150400.4.41.3

Container bci/php-apache:latest:libgnutls30-hmac-3.7.3-150400.4.41.3

Container bci/php-fpm:latest:libgnutls30-3.7.3-150400.4.41.3

Container bci/php-fpm:latest:libgnutls30-hmac-3.7.3-150400.4.41.3

Ссылки

https://www.suse.com/security/cve/CVE-2024-0567.html
CVE-2024-0567
https://bugzilla.suse.com/1218862
SUSE Bug 1218862