Advisory: CLSA-2024:1734368297
OS: Oracle Linux 7 ELS
Public date: 2024-12-16 11:58:19
Project: gnutls
Version: 3.3.29-9.el7_6.tuxcare.els1
Errata link: https://errata.tuxcare.com/oraclelinux7-els/CLSA-2024-1734368297.html
- Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use _gnutls_switch_lib_state for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side channel attacks. - CVE-2023-5981: removes branching that depends on secret data to prevent potential side-channel attack. - CVE-2024-0553: minimize branching after decryption.
Update command: yum update gnutls*
gnutls-3.3.29-9.el7_6.tuxcare.els1.i686.rpm gnutls-3.3.29-9.el7_6.tuxcare.els1.x86_64.rpm gnutls-c++-3.3.29-9.el7_6.tuxcare.els1.i686.rpm gnutls-c++-3.3.29-9.el7_6.tuxcare.els1.x86_64.rpm gnutls-dane-3.3.29-9.el7_6.tuxcare.els1.i686.rpm gnutls-dane-3.3.29-9.el7_6.tuxcare.els1.x86_64.rpm gnutls-devel-3.3.29-9.el7_6.tuxcare.els1.i686.rpm gnutls-devel-3.3.29-9.el7_6.tuxcare.els1.x86_64.rpm gnutls-utils-3.3.29-9.el7_6.tuxcare.els1.x86_64.rpm