RLSA-2024:1784 --- gnutlsID: oval:org.secpod.oval:def:4501579 | Date: (C)2024-05-21 (M)2024-06-10 |
Class: PATCH | Family: unix |
The gnutls package provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fix: * gnutls: vulnerable to Minerva side-channel information leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.