SUSE-SU-2024:1271-1 Security update for gnutls

This update for gnutls fixes the following issues: - CVE-2024-28834: Fixed side-channel in the deterministic ECDSA bsc1221746 - CVE-2024-28835: Fixed denial of service during certificate chain verification bsc1221747 Other fixes: - jitterentropy: Release the memory of the entropy collector when...

OESA-2024-1439 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

AlmaLinux 8 : gnutls (ALSA-2024:1784)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1784 advisory. - A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

gnutls: vulnerable to Minerva side-channel information leak

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, it can result in a noticeable step in nonce...

Denial Of Service (DoS)

gnutls is vulnerable to Denial of ServiceDoS. The vulnerability is due to excessive resource consumption caused by the "certtool --verify-chain" command when verifying a specially crafted .pem bundle, leading to an application crash...

Sensitive Information Disclosure

GnuTLS is vulnerable to Sensitive Information Disclosure. The vulnerability is due to exploiting deterministic behavior in systems like GnuTLS, particularly when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag, which can lead to a noticeable step in nonce size from 513 to 512 bits, exposing a...

RHEL 8 : gnutls (RHSA-2024:1784)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1784 advisory. The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS,...

Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fixes: gnutls: vulnerable to Minerva side-channel...

ALSA-2024:1784 Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fixes: gnutls: vulnerable to Minerva side-channel...

SUSE-SU-2024:1179-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issues fixed: - CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange bsc1208143. - CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange bsc1217277. - CVE-2024-0567: Fixed an incorrect rejection of...

ROS-20240409-15

Vulnerability of the GnuTLS transport layer cryptographic library is related to errors in verification of the of cryptographic signatures. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service...

EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2024-1507)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertext...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1486)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1507)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2024-1486)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertext...

ROS-20240405-06

A vulnerability in the GnuTLS transport layer security library is related to information disclosure via a inconsistency. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

Mageia: Security Advisory (MGASA-2024-0089)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate Photon OS Security Update - PHSA-2024-4.0-0590

Updates of 'gnutls' packages of Photon OS have been released...

Moderate Photon OS Security Update - PHSA-2024-5.0-0240

Updates of 'gnutls' packages of Photon OS have been released...