gnutls security update

2024-05-0800:00:00

linux.oracle.com

gnutls update

version 3.8.3-4

fips package change

oracle linux module

security enhancements

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

JSON

[3.8.3-4_fips]

Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35925409]
Update FIPS module name for Oracle Linux [Orabug: 35925409]
[3.8.3-4]
Bump release to ensure el9 package is greater than el9_* packages
[3.8.3-3]
Bump release to ensure el9 package is greater than el9_* packages
[3.8.3-2]
Fix timing side-channel in deterministic ECDSA (RHEL-28959)
Fix potential crash during chain building/verification (RHEL-28954)
[3.8.3-1]
Update to gnutls 3.8.3 (RHEL-14891)
[3.8.2-3]
Skip KTLS test exercising ChaCha20-Poly1305 in TLS 1.3 as well (RHEL-18498)
[3.8.2-2]
Bump nettle dependency to 3.9.1
Skip KTLS test exercising ChaCha20-Poly1305 in TLS 1.2 (RHEL-18498)
[3.8.2-1]
Update to gnutls 3.8.2 (RHEL-14891)

OSVersionArchitecturePackageVersionFilename
oracle linux9srcgnutls< 3.8.3-4.el9_4_fipsgnutls-3.8.3-4.el9_4_fips.src.rpm
oracle linux9aarch64gnutls< 3.8.3-4.el9_4_fipsgnutls-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux9aarch64gnutls-c++< 3.8.3-4.el9_4_fipsgnutls-c++-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux9aarch64gnutls-dane< 3.8.3-4.el9_4_fipsgnutls-dane-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux9aarch64gnutls-devel< 3.8.3-4.el9_4_fipsgnutls-devel-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux9aarch64gnutls-utils< 3.8.3-4.el9_4_fipsgnutls-utils-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux9srcgnutls< 3.8.3-4.el9_4_fipsgnutls-3.8.3-4.el9_4_fips.src.rpm
oracle linux9i686gnutls< 3.8.3-4.el9_4_fipsgnutls-3.8.3-4.el9_4_fips.i686.rpm
oracle linux9x86_64gnutls< 3.8.3-4.el9_4_fipsgnutls-3.8.3-4.el9_4_fips.x86_64.rpm
oracle linux9i686gnutls-c++< 3.8.3-4.el9_4_fipsgnutls-c++-3.8.3-4.el9_4_fips.i686.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	9	src	gnutls	< 3.8.3-4.el9_4_fips	gnutls-3.8.3-4.el9_4_fips.src.rpm
oracle linux	9	aarch64	gnutls	< 3.8.3-4.el9_4_fips	gnutls-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux	9	aarch64	gnutls-c++	< 3.8.3-4.el9_4_fips	gnutls-c++-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux	9	aarch64	gnutls-dane	< 3.8.3-4.el9_4_fips	gnutls-dane-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux	9	aarch64	gnutls-devel	< 3.8.3-4.el9_4_fips	gnutls-devel-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux	9	aarch64	gnutls-utils	< 3.8.3-4.el9_4_fips	gnutls-utils-3.8.3-4.el9_4_fips.aarch64.rpm
oracle linux	9	src	gnutls	< 3.8.3-4.el9_4_fips	gnutls-3.8.3-4.el9_4_fips.src.rpm
oracle linux	9	i686	gnutls	< 3.8.3-4.el9_4_fips	gnutls-3.8.3-4.el9_4_fips.i686.rpm
oracle linux	9	x86_64	gnutls	< 3.8.3-4.el9_4_fips	gnutls-3.8.3-4.el9_4_fips.x86_64.rpm
oracle linux	9	i686	gnutls-c++	< 3.8.3-4.el9_4_fips	gnutls-c++-3.8.3-4.el9_4_fips.i686.rpm