RLSA-2023:1569

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2023:1569.json

Related

• CVE-2023-0361

Published

2023-04-06T15:52:32.606534Z

Modified

2023-04-06T15:54:32.434745Z

Summary

Moderate: gnutls security and bug fix update

Details

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

• gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• trap invalid opcode ip:7feef81809fe sp:7fee997419c0 error:0 in libgnutls.so.30.28.2[7feef8040000+1dd000] (BZ#2131152)

References

• https://errata.rockylinux.org/RLSA-2023:1569
• https://bugzilla.redhat.com/show_bug.cgi?id=2131152
• https://bugzilla.redhat.com/show_bug.cgi?id=2162596