A gnutls security and bug fix update has been released for Oracle Linux 9.

El-errata: ELSA-2023-1141 Moderate: Oracle Linux 9 gnutls security and bug fix update

Oracle Linux Security Advisory ELSA-2023-1141

  http://linux.oracle.com/errata/ELSA-2023-1141.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gnutls-3.7.6-18.el9_1.i686.rpm
gnutls-3.7.6-18.el9_1.x86_64.rpm
gnutls-c++-3.7.6-18.el9_1.i686.rpm
gnutls-c++-3.7.6-18.el9_1.x86_64.rpm
gnutls-dane-3.7.6-18.el9_1.i686.rpm
gnutls-dane-3.7.6-18.el9_1.x86_64.rpm
gnutls-devel-3.7.6-18.el9_1.i686.rpm
gnutls-devel-3.7.6-18.el9_1.x86_64.rpm
gnutls-utils-3.7.6-18.el9_1.x86_64.rpm

aarch64:
gnutls-3.7.6-18.el9_1.aarch64.rpm
gnutls-c++-3.7.6-18.el9_1.aarch64.rpm
gnutls-dane-3.7.6-18.el9_1.aarch64.rpm
gnutls-devel-3.7.6-18.el9_1.aarch64.rpm
gnutls-utils-3.7.6-18.el9_1.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates//gnutls-3.7.6-18.el9_1.src.rpm

Related CVEs:

CVE-2023-0361



Description of changes:

[3.7.6-18]
- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168610)

[3.7.6-17]
- Fix timing side-channel in TLS RSA key exchange (#2162600)

[3.7.6-16]
- fips: extend PCT to DH key generation (#2168610)

[3.7.6-14]
- fips: remove library path checking from FIPS integrity check (#2149638)
- fips: rename hmac file to its previous name (#2149640)

[3.7.6-13]
- cipher: add restriction on CCM tag length under FIPS mode (#2144535)
- nettle: mark non-compliant RSA-PSS salt length to be not-approved (#2144537)

_______________________________________________