ALSA-2023:1569

Source

https://errata.almalinux.org/8/ALSA-2023-1569.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2023:1569.json

Related

CVE-2023-0361

Published

2023-04-04T00:00:00Z

Modified

2023-04-05T12:14:32Z

Summary

Moderate: gnutls security and bug fix update

Details

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

trap invalid opcode ip:7feef81809fe sp:7fee997419c0 error:0 in libgnutls.so.30.28.2[7feef8040000+1dd000] (BZ#2131152)

References

Affected packages

AlmaLinux:8 / gnutls

Package

Name: gnutls

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.6.16-6.el8_7

AlmaLinux:8 / gnutls-c++

Package

Name: gnutls-c++

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.6.16-6.el8_7

AlmaLinux:8 / gnutls-dane

Package

Name: gnutls-dane

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.6.16-6.el8_7

AlmaLinux:8 / gnutls-devel

Package

Name: gnutls-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.6.16-6.el8_7

AlmaLinux:8 / gnutls-utils

Package

Name: gnutls-utils

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.6.16-6.el8_7