Release Info

Advisory: CLSA-2025:1747903683

OS: AlmaLinux 9.2 ESU

Public date: 2025-05-22 08:48:05

Project: gnutls

Version: 3.7.6-23.el9_2.tuxcare.3.els2

Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1747903683.html

Changelog

- CVE-2024-28834: fix side-channel leak in the deterministic ECDSA - CVE-2024-28835: fix crash when verifying a certificate chain with more than 16 certificates

Update

Update command: dnf update gnutls*

Packages list

gnutls-3.7.6-23.el9_2.tuxcare.3.els2.i686.rpm gnutls-3.7.6-23.el9_2.tuxcare.3.els2.x86_64.rpm gnutls-c++-3.7.6-23.el9_2.tuxcare.3.els2.i686.rpm gnutls-c++-3.7.6-23.el9_2.tuxcare.3.els2.x86_64.rpm gnutls-dane-3.7.6-23.el9_2.tuxcare.3.els2.i686.rpm gnutls-dane-3.7.6-23.el9_2.tuxcare.3.els2.x86_64.rpm gnutls-devel-3.7.6-23.el9_2.tuxcare.3.els2.i686.rpm gnutls-devel-3.7.6-23.el9_2.tuxcare.3.els2.x86_64.rpm gnutls-utils-3.7.6-23.el9_2.tuxcare.3.els2.x86_64.rpm

CVEs

CVE-2024-28834
CVE-2024-28835