gnutls-3.6.8-11.el8

エラータID: AXSA:2020-604:01

Release date: 
Tuesday, October 6, 2020 - 13:13
Subject: 
gnutls-3.6.8-11.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: session resumption works without master key allowing MITM (CVE-2020-13777)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.

Solution: 

Update packages.

CVEs: 
CVE-2020-13777
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
Additional Info: 

N/A

Download: 

SRPMS
  1. gnutls-3.6.8-11.el8.src.rpm
    MD5: 4cea7ac02e9a27b2d61bdf6227727bd7
    SHA-256: fa293e0b008ccb24cd384cae03c41b05fe81c73006c80f0911255b8da0bce5f0
    Size: 5.59 MB

Asianux Server 8 for x86_64
  1. gnutls-3.6.8-11.el8.x86_64.rpm
    MD5: 211196ac7190b3adbdf34e0ac984104e
    SHA-256: 92eeb4be7f7a89f9771a26284298d1785c701e9e03a9f507d7fa5958a9694e3e
    Size: 913.47 kB
  2. gnutls-c++-3.6.8-11.el8.x86_64.rpm
    MD5: d3d741f3b60ce4ea803b07b9eae1bb0e
    SHA-256: 296e8b3a99caa56fe104ace30debfa78a38735772b01ebc235593d44af1ddf05
    Size: 45.31 kB
  3. gnutls-dane-3.6.8-11.el8.x86_64.rpm
    MD5: 04a6f4058a51700f7d31dc2b9cc937f5
    SHA-256: eb5887223bb1b8396885c6914e9cf575f319bc5f2ebe47ee7254b4683638f2f5
    Size: 43.91 kB
  4. gnutls-devel-3.6.8-11.el8.x86_64.rpm
    MD5: fea006af2d52c742e476d7ecdd377d42
    SHA-256: c8da7e82a17812d0ecae3f0ad44809b47bd8a9e9d3f2c32cb6deb5eb8aab153e
    Size: 2.15 MB
  5. gnutls-utils-3.6.8-11.el8.x86_64.rpm
    MD5: 89435e13a88952207c37e9333dcf26d2
    SHA-256: f29d331e5d0cdcb58643a56b8440b2f9f360cd14e60f12c387cd1c4a5e7f72c2
    Size: 338.92 kB
  6. gnutls-3.6.8-11.el8.i686.rpm
    MD5: c1926a268a6888cc1cdfd6d34651d1ec
    SHA-256: a4bf617254ba69a2b626ea256a8db77d0a79d5b78afe8c744f1a1fdc74f5ab03
    Size: 937.53 kB
  7. gnutls-c++-3.6.8-11.el8.i686.rpm
    MD5: 981530c692fcfc1a334b59720148404c
    SHA-256: 8db285568d9cfa96f60b1390aecb7e97a41864e33963b2a2102e4fd06f64ee4f
    Size: 46.46 kB
  8. gnutls-dane-3.6.8-11.el8.i686.rpm
    MD5: 6804a628ab3788a2817c13197d003abb
    SHA-256: 14ffe900b2b999159d3332df9a063b006179897f54eba141b8931bde7f238308
    Size: 44.49 kB
  9. gnutls-devel-3.6.8-11.el8.i686.rpm
    MD5: cabe15f55a6417d196ca62b13325c9a0
    SHA-256: c4f715d4a3d42e5cdfc5eb9b11c36ee4b4ca4887950d6b168cdc096ebb1d6085
    Size: 2.15 MB