gnutls-3.6.16-8.el8_9.3.ML.1

エラータID: AXSA:2024-7683:04

Release date: 
Monday, April 15, 2024 - 15:53
Subject: 
gnutls-3.6.16-8.el8_9.3.ML.1
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

This package update fixes a timing side-channel in deterministic ECDSA.

Security Fix(es):

* gnutls: vulnerable to Minerva side-channel information leak (CVE-2024-28834)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2024-28834
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.

Solution: 

Update packages.

CVEs: 
CVE-2024-28834
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Additional Info: 

N/A

Download: 

SRPMS
  1. gnutls-3.6.16-8.el8_9.3.ML.1.src.rpm
    MD5: 010244cede85d710c17190d930d0ac4c
    SHA-256: 187b1bda11eef584bba200c5fee0440728d2eba9757b8cfbd16459f61bcff7d0
    Size: 5.50 MB

Asianux Server 8 for x86_64
  1. gnutls-3.6.16-8.el8_9.3.ML.1.i686.rpm
    MD5: e55aad32662d5be33d5c62a900a0b9c8
    SHA-256: ab95dac9ff4787140b379fdfe5923d5a7430c65658b9680f8486c362a14f175e
    Size: 1.01 MB
  2. gnutls-3.6.16-8.el8_9.3.ML.1.x86_64.rpm
    MD5: b1beea6348bf44b0e1567b791f7b9933
    SHA-256: 72f7d58aa61424d6daf3df1425c98c0a4621b8d62744bfea56594d9cbfbb85b2
    Size: 0.99 MB
  3. gnutls-c++-3.6.16-8.el8_9.3.ML.1.i686.rpm
    MD5: 52bb469e7f31d3f9cc7f50f7b5656fa2
    SHA-256: f54b9d0ad1275b569cbf0edcdb9c94bce94cdb90dc5a6d706d30e2001ecbdfce
    Size: 49.72 kB
  4. gnutls-c++-3.6.16-8.el8_9.3.ML.1.x86_64.rpm
    MD5: e89699610c62848fb6638b117b951633
    SHA-256: c62b93797adb35047b083c8173a5a0e70af313fc14ab9d8ea356467048eb05e4
    Size: 48.64 kB
  5. gnutls-dane-3.6.16-8.el8_9.3.ML.1.i686.rpm
    MD5: 8fbe8febb6ba586ad145723f1fd4031e
    SHA-256: ecb0ad8575c349ec62e63f5fa1c5b8c7e11aa16417037365dc3af83e55b42b92
    Size: 52.94 kB
  6. gnutls-dane-3.6.16-8.el8_9.3.ML.1.x86_64.rpm
    MD5: 4622bf603f8b9d0e38551ae32e4fb9c0
    SHA-256: ff040a4f4dd8f26adb4e8603084e305a32dcb5dc378c32f29146cfe19c11bdfe
    Size: 52.05 kB
  7. gnutls-devel-3.6.16-8.el8_9.3.ML.1.i686.rpm
    MD5: eacbfb0e4c427fe9a5cb54798b2f7376
    SHA-256: b6e1a0b693af7ae1a66e0cc3a6103aca5c448b4fde989615ce3aaae971e86749
    Size: 2.18 MB
  8. gnutls-devel-3.6.16-8.el8_9.3.ML.1.x86_64.rpm
    MD5: 9866bb92c26af77913a7350c5cfb4a77
    SHA-256: 28d0b59d5394c6b75ee77065700a319cb3da3f914075dad467bd769e42357494
    Size: 2.18 MB
  9. gnutls-utils-3.6.16-8.el8_9.3.ML.1.x86_64.rpm
    MD5: a1940fadbf5cc1a7d0cb696ac6ff7c8f
    SHA-256: d276df186342ca97edccb1d92e8b6659d12a3d68423003d15ead977872d884ed
    Size: 348.22 kB