|
|
Log in / Subscribe / Register

Oracle alert ELSA-2017-2292 (gnutls)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2017-2292 Moderate: Oracle Linux 7 gnutls security, bug fix, and enhancement update 


Date:
    	      Tue, 8 Aug 2017 13:54:59 -0700


Message-ID:
    	      <ece3d5bc-c888-867f-44f0-d13c103238b7@oracle.com>


Oracle Linux Security Advisory ELSA-2017-2292

http://linux.oracle.com/errata/ELSA-2017-2292.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
gnutls-3.3.26-9.el7.i686.rpm
gnutls-3.3.26-9.el7.x86_64.rpm
gnutls-c++-3.3.26-9.el7.i686.rpm
gnutls-c++-3.3.26-9.el7.x86_64.rpm
gnutls-dane-3.3.26-9.el7.i686.rpm
gnutls-dane-3.3.26-9.el7.x86_64.rpm
gnutls-devel-3.3.26-9.el7.i686.rpm
gnutls-devel-3.3.26-9.el7.x86_64.rpm
gnutls-utils-3.3.26-9.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/gnutls-3.3.26-9.e...



Description of changes:

[3.3.26-9]
- Address crash in OCSP status request extension, by eliminating the
   unneeded parsing (CVE-2017-7507, #1455828)

[3.3.26-7]
- Address interoperability issue with 3.5.x (#1388932)
- Reject CAs which are both trusted and blacklisted in trust module 
(#1375303)
- Added new functions to set issuer and subject ID in certificates 
(#1378373)
- Reject connections with less than 1024-bit DH parameters (#1335931)
- Fix issue that made GnuTLS parse only the first 32 extensions (#1383748)
- Mention limitations of certtool in manpage (#1375463)
- Read PKCS#8 files with HMAC-SHA256 -as generated by openssl 1.1 (#1380642)
- Do not link directly to trousers but instead use dlopen (#1379739)
- Fix incorrect OCSP validation (#1377569)
- Added support for pin-value in PKCS#11 URIs (#1379283)
- Added the --id option to p11tool (#1399232)
- Improved sanity checks in RSA key generation (#1444780)
- Addressed CVE-2017-5334, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337,
   CVE-2017-7869


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds