gnutls-3.6.14-8.el8, nettle-3.4.1-4.el8

エラータID: AXSA:2021-1688:01

Release date: 
Monday, April 19, 2021 - 06:03
Subject: 
gnutls-3.6.14-8.el8, nettle-3.4.1-4.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.

Security Fix(es):

* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-20305
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.

Solution: 

Update packages.

CVEs: 
CVE-2021-20305
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.
Additional Info: 

N/A

Download: 

SRPMS
  1. gnutls-3.6.14-8.el8.src.rpm
    MD5: 0244e4d4e231fcfd0373ad94623d877e
    SHA-256: 3105cdf7d2d5e21df5ce2ffcb33bdb4aacf49216a5b395504ad8ea7926cf76d2
    Size: 5.91 MB
  2. nettle-3.4.1-4.el8.src.rpm
    MD5: 8fc32787e9a72fef6dd85146bba2ff4d
    SHA-256: d4d8594aeb5bdd806cd3e0a35f250e1c266e0225d3d56355c6b87509aad258d5
    Size: 1.38 MB

Asianux Server 8 for x86_64
  1. gnutls-3.6.14-8.el8.x86_64.rpm
    MD5: 516940bbe0289b6c9ac4cfc9ea5b9c5e
    SHA-256: eed6da66ea957fa5d38457e8c2db15030642c36d1957c4ab49c5fa5972893e90
    Size: 0.99 MB
  2. gnutls-c++-3.6.14-8.el8.x86_64.rpm
    MD5: 665d21f1c8849bf2125a5cfd77a33104
    SHA-256: af11b8196da4a8d1bf0d5d4ce601f6fa7ba41e4b309ad0b698377aab64b96a70
    Size: 46.80 kB
  3. gnutls-dane-3.6.14-8.el8.x86_64.rpm
    MD5: a8612b5238074cb1754229ba120ed46a
    SHA-256: 77553240c363c534bdec0f524ce967f515d806058391cd5a536334c306372a9e
    Size: 50.03 kB
  4. gnutls-devel-3.6.14-8.el8.x86_64.rpm
    MD5: 806c5f34304a0a2fa77cb29fe6768c2a
    SHA-256: e35e788421d30011364fa4bc71a702dc691c67be44c8fd92649ccd3e7a3481de
    Size: 2.18 MB
  5. gnutls-utils-3.6.14-8.el8.x86_64.rpm
    MD5: 570b7097c90b67da1d60e059b866083f
    SHA-256: 387655ce9539b9452088a99535007fd75309358d40bbb27ab78065dfad37fced
    Size: 346.02 kB
  6. nettle-3.4.1-4.el8.x86_64.rpm
    MD5: 94113da6ad0c1adadc490bb37c23fa99
    SHA-256: c73a2ff9445d89c0f0676c59a03579b31366bb09747f54a3281f661c5cd32fc1
    Size: 299.43 kB
  7. nettle-devel-3.4.1-4.el8.x86_64.rpm
    MD5: cf6d02abd81fee8c430ea5adc29e3b19
    SHA-256: 7095c1ae2ef1b993ffedee32d2864f2535333b149dcbd2a83e3064b786158111
    Size: 634.74 kB
  8. gnutls-3.6.14-8.el8.i686.rpm
    MD5: 8b2340504cede9635e416f38e206b0af
    SHA-256: c16e6cd0b7c6a882380a522db5f17cf8cef68c7c8af7f6a5e0ffc084b64ec433
    Size: 1.00 MB
  9. gnutls-c++-3.6.14-8.el8.i686.rpm
    MD5: 812c6b63b24222d56dd2cc94d837baa4
    SHA-256: 6a03c4fc169a5351fb98ff6c5d4022a64904355baa2fa7287f5ddb20d8e37369
    Size: 47.87 kB
  10. gnutls-dane-3.6.14-8.el8.i686.rpm
    MD5: e86a3e7263800c9aafd409f36ce49f8b
    SHA-256: 13d7806e1235ce26f85d45d13838360b1d5e3002d5002986026e27d3325cedcb
    Size: 50.92 kB
  11. gnutls-devel-3.6.14-8.el8.i686.rpm
    MD5: de7f20299ff79ef55af1a95ccb630e3c
    SHA-256: c458023804be68a2e31e6fad60ee9b49947945cd9a4809350e863951bbf6fbf8
    Size: 2.18 MB
  12. nettle-3.4.1-4.el8.i686.rpm
    MD5: a28b122a1d08b49e23f05581c721f58d
    SHA-256: cbe4825ec8c0ca872f5b01c7104f374e2304d74d065fcad570ae232f6920a942
    Size: 319.25 kB
  13. nettle-devel-3.4.1-4.el8.i686.rpm
    MD5: 4948064a1e01db07a9a44b4260059ef9
    SHA-256: bab54449ea1d780dd6c2e0f8229c79521ca9e961644002de2b0ccbbb644be075
    Size: 634.76 kB