Release Info

Advisory: CLSA-2024:1707419801

OS: Ubuntu 18.04 ELS

Public date: 2024-02-08 14:16:43

Project: gnutls28

Version: 3.5.18-1ubuntu1.6+tuxcare.els1

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2024-1707419801.html

Changelog

* SECURITY UPDATE: timing side-channel in the RSA-PSK ClientKeyExchange - debian/patches/nettle-pk-randomness-level.patch: (nettle/pk) use the appropriate level of randomness for each operation. - debian/patches/pk-_gnutls_switch_lib_state.patch: (pk) always use _gnutls_switch_lib_state. - debian/patches/constant-time-cache-pkcs-1-rsa-decryption.patch: Constant time/cache PKCS#1 RSA decryption. - debian/patches/auth-rsa_psk-side-channel.patch: (auth/rsa_psk) side-step potential side-channel. - debian/libgnutls30.symbols: add gnutls_privkey_decrypt_data2. - CVE-2023-5981

Update

Update command: apt-get update apt-get --only-upgrade install gnutls28*

Packages list

gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els1_all.deb libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb

CVEs

CVE-2023-5981