
RHSA-2023:1200: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.
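
Added example (not GnuTLS code, and not taken from the advisory or the upstream fix): the standard defence against Bleichenbacher-style timing oracles in the TLS RSA key exchange, as RFC 5246 section 7.4.7.1 describes it. The server checks the decrypted PKCS#1 v1.5 block without secret-dependent branches and silently substitutes a random premaster secret on failure. All function names and the 64-byte sample block are assumptions constructed for illustration; the RSA private-key operation itself must also run in constant time and is not shown.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN 48u /* TLS premaster secret: 2 version bytes + 46 random bytes */

/* 0xFF if x == 0, else 0x00, computed without a data-dependent branch. */
static uint8_t ct_is_zero(uint32_t x)
{
    return (uint8_t)(((x | (0u - x)) >> 31) - 1u);
}

/* 0xFF if a == b, else 0x00. */
static uint8_t ct_eq(uint8_t a, uint8_t b)
{
    return ct_is_zero((uint32_t)(a ^ b));
}

/* em: k-byte result of the RSA private-key operation (k = modulus size, public).
 * Expected layout: 00 02 <non-zero padding, >= 8 bytes> 00 <48-byte secret>.
 * out receives the decrypted secret if every check passes, else fallback.
 * The caller generates fallback (48 random bytes) BEFORE decrypting, and the
 * handshake continues either way, so a bad ciphertext only fails at Finished. */
void tls_rsa_select_premaster(const uint8_t *em, size_t k,
                              uint8_t ver_major, uint8_t ver_minor,
                              const uint8_t fallback[PMS_LEN],
                              uint8_t out[PMS_LEN])
{
    /* Branching on k is fine: the modulus size is not secret. */
    if (k < 11 + PMS_LEN) {
        memcpy(out, fallback, PMS_LEN);
        return;
    }

    size_t sep = k - PMS_LEN - 1; /* the only separator position TLS accepts */
    uint8_t good = ct_eq(em[0], 0x00) & ct_eq(em[1], 0x02);

    /* Every padding byte must be non-zero; scan all of them, no early exit. */
    for (size_t i = 2; i < sep; i++)
        good &= (uint8_t)~ct_is_zero(em[i]);

    good &= ct_is_zero(em[sep]);
    /* Version check doubles as protocol-rollback detection. */
    good &= ct_eq(em[sep + 1], ver_major) & ct_eq(em[sep + 2], ver_minor);

    /* Masked select: same memory accesses and instruction count on both paths. */
    for (size_t i = 0; i < PMS_LEN; i++)
        out[i] = (uint8_t)((em[sep + 1 + i] & good) |
                           (fallback[i] & (uint8_t)~good));
}

/* Constructed sample, not real RSA output: a 64-byte block
 * 00 02 <13 non-zero padding bytes> 00 <48-byte premaster secret>. */
static void build_sample(uint8_t em[64], uint8_t pms[PMS_LEN])
{
    pms[0] = 0x03; pms[1] = 0x03; /* TLS 1.2 client version */
    for (size_t i = 2; i < PMS_LEN; i++)
        pms[i] = (uint8_t)(0xA0 + i);
    em[0] = 0x00; em[1] = 0x02;
    for (size_t i = 2; i < 15; i++)
        em[i] = (uint8_t)(i + 1);
    em[15] = 0x00;
    memcpy(em + 16, pms, PMS_LEN);
}

/* Returns 1 if the real secret was selected, 0 if the fallback was.
 * corrupt_at < 0 leaves the sample intact; otherwise that byte is XORed
 * with flip before the check runs. */
int selected_real_secret(int corrupt_at, uint8_t flip)
{
    uint8_t em[64], pms[PMS_LEN], fallback[PMS_LEN], out[PMS_LEN];

    build_sample(em, pms);
    memset(fallback, 0x5C, PMS_LEN); /* stands in for 48 fresh random bytes */
    if (corrupt_at >= 0 && corrupt_at < 64)
        em[corrupt_at] ^= flip;
    tls_rsa_select_premaster(em, sizeof em, 0x03, 0x03, fallback, out);
    if (memcmp(out, pms, PMS_LEN) == 0)
        return 1;
    return memcmp(out, fallback, PMS_LEN) == 0 ? 0 : -1;
}

int main(void)
{
    printf("intact block        -> %d\n", selected_real_secret(-1, 0));
    printf("bad block type      -> %d\n", selected_real_secret(1, 0x01));
    printf("zero byte in pad    -> %d\n", selected_real_secret(5, 0x06));
    printf("missing separator   -> %d\n", selected_real_secret(15, 0x01));
    printf("version mismatch    -> %d\n", selected_real_secret(17, 0x01));
    return 0;
}
```

Compilers can reintroduce branches when optimising, so production libraries typically confirm constant-time behaviour by inspecting the generated code or with timing tests rather than relying on the source alone.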

Synopsis

Moderate: gnutls security and bug fix update

Type/Severity

Security Advisory: Moderate


Topic

An update for gnutls is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

  • gnutls: timing side-channel in the TLS RSA key exchange code (CVE-2023-0361)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • CCM tag length should be limited to known values (BZ#2144536)
  • In FIPS mode, gnutls should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144538)
  • dracut-cmdline[554]: Error in GnuTLS initialization: Error while performing self checks i FIPS mode (BZ#2149641)

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2144538 - In FIPS mode, gnutls should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator [rhel-9.0.0.z]
  • BZ - 2149641 - dracut-cmdline[554]: Error in GnuTLS initialization: Error while performing self checks i FIPS mode [rhel-9.0.0.z]
  • BZ - 2162596 - CVE-2023-0361 gnutls: timing side-channel in the TLS RSA key exchange code

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

gnutls-3.7.6-18.el9_0.src.rpm

SHA-256: 8ff4cb79d327de99b6aec3096ee2093eb63576404b97c9ed65edf1ecfb20fa97


Related news

Red Hat Security Advisory 2023-5103-01

Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.

Red Hat Security Advisory 2023-4576-01

Red Hat Security Advisory 2023-4576-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.

RHSA-2023:4488: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 6.0.1[security update]

The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject...

RHSA-2023:4053: Red Hat Security Advisory: OpenShift Container Platform 4.11.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...

RHSA-2023:4113: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.5 security update

Red Hat OpenShift Service Mesh 2.3.5 Containers Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptog...

Red Hat Security Advisory 2023-3813-01

Red Hat Security Advisory 2023-3813-01 - An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8.

Red Hat Security Advisory 2023-3742-02

Red Hat Security Advisory 2023-3742-02 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include bypass, denial of service, and remote SQL injection vulnerabilities.

RHSA-2023:3742: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update

Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4.13.0 on Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-16250: A flaw was found in Vault and Vault Enterprise (“Vault”). In the affected versions of Vault, with the AWS Auth Method configured and under certain circumstances, the values relied upon by Vault to validate AWS IAM ident...

RHSA-2023:3664: Red Hat Security Advisory: OpenShift Jenkins image and Jenkins agent base image security update

Release of Bug Advisories for the OpenShift Jenkins image and Jenkins agent base image. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling, but only if combined with an intermediate server that also improperly accepts the header as invalid. * CVE-2022-2880: A flaw was found in the golang package, where reques...

RHSA-2023:3645: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.7 security update

Red Hat OpenShift Service Mesh 2.2.7 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-20329: A flaw was found in Mongo. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshaling Go objects into BSON. This flaw allows a malicious user to use a Go object with a specific string to inject additional fields into marshaled documents. * CVE-2021-43138: A vulnerability was found in the async package. This flaw allows a malicious user to obtai...

RHSA-2023:3542: Red Hat Security Advisory: OpenShift Container Platform 4.11.43 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: A flaw was found in golang. The language package for go language can panic due to an out-of-bounds read when an incorrectly formatted language tag is being parsed. This flaw allows a...

Red Hat Security Advisory 2023-3361-01

Red Hat Security Advisory 2023-3361-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

RHSA-2023:3373: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-41854: Those using Sn...

Red Hat Security Advisory 2023-3325-01

Red Hat Security Advisory 2023-3325-01 - Multicluster Engine for Kubernetes 2.1.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

RHSA-2023:3325: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.7 security fixes and container updates

Multicluster Engine for Kubernetes 2.1.7 General Availability release images, which address security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a ho...

RHSA-2023:3296: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.4 security fixes and container updates

Multicluster Engine for Kubernetes 2.2.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2023-32313: A flaw was found in the vm2. After making a vm, the inspect method is read-write for console.log, which allows an attacker to edit options for console.log. This issue impacts the integrity by changing the log subsystem. * CVE-2023-32314: A flaw was found in the vm2 sandbox. When a host ...

Red Hat Security Advisory 2023-0584-01

Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

RHSA-2023:2710: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 for OpenShift image security update

A new image is available for Red Hat Single Sign-On 7.6.3, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-0341: In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction...

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-2098-01

Red Hat Security Advisory 2023-2098-01 - Multicluster Engine for Kubernetes 2.0.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

RHSA-2023:2104: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.8 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.5.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

Red Hat Security Advisory 2023-2083-01

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

RHSA-2023:2061: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.1.6 security updates and bug fixes

Multicluster Engine for Kubernetes 2.1.6 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

RHSA-2023:2041: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.1.0 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-3782: A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect ...

Red Hat Security Advisory 2023-2023-01

Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.

Red Hat Security Advisory 2023-1887-01

Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.

RHSA-2023:2023: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.7 Bug Fix and security update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...

Red Hat Security Advisory 2023-1888-01

Red Hat Security Advisory 2023-1888-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service and server-side request forgery vulnerabilities.

RHSA-2023:1888: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.3 security fixes and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.7.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...

RHSA-2023:1887: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.2.3 security updates and bug fixes

Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

RHSA-2023:1569: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the v...

Red Hat Security Advisory 2023-1200-01

Red Hat Security Advisory 2023-1200-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Red Hat Security Advisory 2023-1141-01

Red Hat Security Advisory 2023-1141-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

RHSA-2023:1141: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-0361: A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send a large amount of specially crafted messages to the v...

Ubuntu Security Notice USN-5901-1

Ubuntu Security Notice 5901-1 - Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information.

Debian Security Advisory 5349-1

Debian Linux Security Advisory 5349-1 - Hubert Kario discovered a timing side channel in the RSA decryption implementation of the GNU TLS library.

CVE-2023-0361: Timing sidechannel in RSA decryption (#1050) · Issues · gnutls / GnuTLS · GitLab

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

CVE-2020-13777: gnutls.org

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.