[El-errata] ELSA-2017-0574 Moderate: Oracle Linux 6 gnutls security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Mar 28 09:51:28 PDT 2017
Oracle Linux Security Advisory ELSA-2017-0574
http://linux.oracle.com/errata/ELSA-2017-0574.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
gnutls-2.12.23-21.el6.i686.rpm
gnutls-devel-2.12.23-21.el6.i686.rpm
gnutls-guile-2.12.23-21.el6.i686.rpm
gnutls-utils-2.12.23-21.el6.i686.rpm
x86_64:
gnutls-2.12.23-21.el6.i686.rpm
gnutls-2.12.23-21.el6.x86_64.rpm
gnutls-devel-2.12.23-21.el6.i686.rpm
gnutls-devel-2.12.23-21.el6.x86_64.rpm
gnutls-guile-2.12.23-21.el6.i686.rpm
gnutls-guile-2.12.23-21.el6.x86_64.rpm
gnutls-utils-2.12.23-21.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/gnutls-2.12.23-21.el6.src.rpm
Description of changes:
[2.12.23-21]
- Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes
(#1326389, #1326073, #1323215, #1320982, #1328205, #1321112)
- Modified gnutls-serv to accept --sni-hostname (#1333521)
- Modified gnutls-serv to always reply with an alert message (#1327656)
- Removed support for DSA2 as it causes interoperability issues (#1321112)
- Allow sending and receiving certificates which were not in the
signature algorithms extension (#1328205)
- Removed support for EXPORT ciphersuites (#1337460)
- Raised the minimum acceptable DH size to 1024 (#1335924)
- Restricted the number of alert that can be received during handshake
(#1388730)
- Added fixes for OpenPGP parsing issues (CVE-2017-5337, CVE-2017-5336,
CVE-2017-5335)
- The exposed (but internal) crypto back-end registration API is
deprecated and no
longer functional. The ABI is kept compatible (#1415682)
More information about the El-errata
mailing list