Overview
Request 1139454 accepted
- Update to 3.8.3:
* libgnutls: Fix more timing side-channel inside RSA-PSK key
exchange. [GNUTLS-SA-2024-01-14, CVSS: medium]
[bsc#1218865, CVE-2024-0553]
* libgnutls: Fix assertion failure when verifying a certificate
chain with a cycle of cross signatures.
[GNUTLS-SA-2024-01-09, CVSS: medium] [bsc#1218862, CVE-2024-0567]
* libgnutls: Fix regression in handling Ed25519 keys stored in
PKCS#11 token certtool was unable to handle Ed25519 keys
generated on PKCS#11 with pkcs11-tool (OpenSC).
This is a regression introduced in 3.8.2.
* Rebase gnutls-FIPS-140-3-references.patch
* Updated upstream gnutls.keyring
- Created by pmonrealgonzalez
- In state accepted
Request History
pmonrealgonzalez created request
- Update to 3.8.3:
* libgnutls: Fix more timing side-channel inside RSA-PSK key
exchange. [GNUTLS-SA-2024-01-14, CVSS: medium]
[bsc#1218865, CVE-2024-0553]
* libgnutls: Fix assertion failure when verifying a certificate
chain with a cycle of cross signatures.
[GNUTLS-SA-2024-01-09, CVSS: medium] [bsc#1218862, CVE-2024-0567]
* libgnutls: Fix regression in handling Ed25519 keys stored in
PKCS#11 token certtool was unable to handle Ed25519 keys
generated on PKCS#11 with pkcs11-tool (OpenSC).
This is a regression introduced in 3.8.2.
* Rebase gnutls-FIPS-140-3-references.patch
* Updated upstream gnutls.keyring
pmonrealgonzalez accepted request
OK
