gnutls-3.6.16-6.el8

エラータID: AXSA:2023-5270:02

Release date: 
Thursday, April 6, 2023 - 08:03
Subject: 
gnutls-3.6.16-6.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* trap invalid opcode ip:7feef81809fe sp:7fee997419c0 error:0 in libgnutls.so.30.28.2[7feef8040000+1dd000]

CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

Solution: 

Update packages.

CVEs: 
CVE-2023-0361
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
Additional Info: 

N/A

Download: 

SRPMS
  1. gnutls-3.6.16-6.el8.src.rpm
    MD5: 1e07ed728880c3904e8be042f992dd0a
    SHA-256: 29f5b89601083ad35105cf0bf898a1ff9f63d4d5253809c9e5e21e5c22148fca
    Size: 5.49 MB

Asianux Server 8 for x86_64
  1. gnutls-3.6.16-6.el8.i686.rpm
    MD5: 6e99f3701ce36b1c28aaaa8441465e86
    SHA-256: 6347d0d5825e0425e3c34c0013c07c3b7302d2c330ce87caec74083fbba912f9
    Size: 1.01 MB
  2. gnutls-3.6.16-6.el8.x86_64.rpm
    MD5: 9d72c79bad22b7bb91c53ebc02a83d3f
    SHA-256: c0ef6db6e75f675195d835184b432fd83cd763dd91cea1f01d2786a2af15772e
    Size: 0.99 MB
  3. gnutls-c++-3.6.16-6.el8.i686.rpm
    MD5: 10a194cadeb240f89c14ca8f6a29a12b
    SHA-256: 766a7e26da2d5ab63f0c9e21ca1074ab18b203bd96a894ab8c1b5463ee6a0ad4
    Size: 49.03 kB
  4. gnutls-c++-3.6.16-6.el8.x86_64.rpm
    MD5: 0b2ac676f794d7f685efb814b6937be2
    SHA-256: 07f4196c97dad9288d7ce8d7625fba4d396afa53031d9673a13c234404499730
    Size: 47.98 kB
  5. gnutls-dane-3.6.16-6.el8.i686.rpm
    MD5: 44efa0f1aa314e22eaa179e601c83653
    SHA-256: 6dc86d258f50ec6e1a57bf1ffb931ff6d59cb37386e9dd5a570387abacf76ad8
    Size: 52.19 kB
  6. gnutls-dane-3.6.16-6.el8.x86_64.rpm
    MD5: 944f835fabbc1af704e7d5238fc93f34
    SHA-256: 43886e5d25fb093fd2e17d1648f184e59a061105695d2a3459a6e02108f49cf3
    Size: 51.34 kB
  7. gnutls-devel-3.6.16-6.el8.i686.rpm
    MD5: 61c3dfbb014aeb2c7786216684464dcf
    SHA-256: c4167efe437f6528e8d57b1d9cf777282203ea755461d2e3839e3acd3954004b
    Size: 2.18 MB
  8. gnutls-devel-3.6.16-6.el8.x86_64.rpm
    MD5: 6d838385db8b409216ac4caa70e2a6c4
    SHA-256: 289fffc710e47690cc345bc53957fb9962df7173efa2100cd9ae58ebf96090cd
    Size: 2.18 MB
  9. gnutls-utils-3.6.16-6.el8.x86_64.rpm
    MD5: 7d6ba3f8b9346a67f91aea950899f1ca
    SHA-256: 7587d721b82acebef2114aa06d48b507e2bf0dbb89be0b0b611355d3304c164f
    Size: 347.53 kB