An update is available for gnutls.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The gnutls package provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
gnutls: vulnerable to Minerva side-channel information leak (CVE-2024-28834)
gnutls: potential crash during chain building/verification (CVE-2024-28835)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
rocky | 9 | aarch64 | gnutls | < 3.8.3-4.el9_4 | gnutls-0:3.8.3-4.el9_4.aarch64.rpm |
rocky | 9 | i686 | gnutls | < 3.8.3-4.el9_4 | gnutls-0:3.8.3-4.el9_4.i686.rpm |
rocky | 9 | ppc64le | gnutls | < 3.8.3-4.el9_4 | gnutls-0:3.8.3-4.el9_4.ppc64le.rpm |
rocky | 9 | s390x | gnutls | < 3.8.3-4.el9_4 | gnutls-0:3.8.3-4.el9_4.s390x.rpm |
rocky | 9 | x86_64 | gnutls | < 3.8.3-4.el9_4 | gnutls-0:3.8.3-4.el9_4.x86_64.rpm |
rocky | 9 | aarch64 | gnutls-c++ | < 3.8.3-4.el9_4 | gnutls-c++-0:3.8.3-4.el9_4.aarch64.rpm |
rocky | 9 | i686 | gnutls-c++ | < 3.8.3-4.el9_4 | gnutls-c++-0:3.8.3-4.el9_4.i686.rpm |
rocky | 9 | ppc64le | gnutls-c++ | < 3.8.3-4.el9_4 | gnutls-c++-0:3.8.3-4.el9_4.ppc64le.rpm |
rocky | 9 | s390x | gnutls-c++ | < 3.8.3-4.el9_4 | gnutls-c++-0:3.8.3-4.el9_4.s390x.rpm |
rocky | 9 | x86_64 | gnutls-c++ | < 3.8.3-4.el9_4 | gnutls-c++-0:3.8.3-4.el9_4.x86_64.rpm |