Release date:
2024-02-08 19:16:44 UTC
Description:
* SECURITY UPDATE: timing side-channel in the RSA-PSK ClientKeyExchange
- debian/patches/nettle-pk-randomness-level.patch: (nettle/pk) use the
appropriate level of randomness for each operation.
- debian/patches/pk-_gnutls_switch_lib_state.patch: (pk) always use
_gnutls_switch_lib_state.
- debian/patches/constant-time-cache-pkcs-1-rsa-decryption.patch: Constant
time/cache PKCS#1 RSA decryption.
- debian/patches/auth-rsa_psk-side-channel.patch: (auth/rsa_psk) side-step
potential side-channel.
- debian/libgnutls30.symbols: add gnutls_privkey_decrypt_data2.
- CVE-2023-5981
Updated packages:
-
gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:8073188bb9f01ebf344caf07eb8e95f1e895b099
-
gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els1_all.deb
sha:2ac10145a340273d015bff4bc75c65292174eb0d
-
libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:e9f1af5e8186d98c2db3c55aaa6ff24e86515219
-
libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:ba88e82082da587a588441422a53482355a3d071
-
libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:c8531252e5ad001c508fbacf7b97c52e22b186c2
-
libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:04b4c16812e9ac9332ab8475a30fe459273efc95
-
libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els1_amd64.deb
sha:baf81afe409780e3a7471f2a81abb34dad9df650
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
