rpms/gnutls
7
0
Fork 0
Code Issues Pull Requests Releases Activity
17 Commits 8 Branches 70 Tags 2 MiB
c8s
Commit Graph

17 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Sosedkin
a9ca5bdc28 Fix 3.8.13 CVEs and security issues 
- Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite)
- Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour)
- Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread)
- Fix CVE-2026-42010 (PSK authentication, High, authentication bypass)
- Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free)
- Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread)
- Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite)
- Fix upstream security issue #1808 (PSK rehandshake)
- Fix upstream security issue #1810 (EKU OID prefix match)
- Fix upstream security issue #1818 (RSA correctness, OpenSSL format import)
- Fix upstream security issue #1819 (PKCS#11 trust removal error path)
- Fix upstream security issue #1817 (session parameter loading robustness)

Resolves: RHEL-154320
Resolves: RHEL-159046
Resolves: RHEL-149713
 2026-05-04 14:41:25 +02:00
Alexander Sosedkin
6ab6b680c7 Backport the fixes for CVE-2025-9820 and CVE‑2025‑14831 
Resolves: RHEL-148627
Resolves: RHEL-147833
 2026-02-12 12:51:45 +01:00
Alexander Sosedkin
815307c90c Backport the fixes for CVE-2025-6395, CVE-2025-32988 and CVE-2025-32990 
Resolves: RHEL-111994
Resolves: RHEL-111793
Resolves: RHEL-111790
 2025-09-08 14:56:55 +02:00
Alexander Sosedkin
f8202d0712 Switch to OSCI (fixup) 2025-06-27 09:37:31 +02:00
Alexander Sosedkin
80296cd46c Switch to OSCI 2025-06-26 14:50:20 +02:00
Alexander Sosedkin
a075413675 Backport the fix for CVE-2024-12243 
Resolves: RHEL-85573
 2025-04-01 11:03:16 +02:00
Daiki Ueno
fe6ca90481 Fix timing side-channel in deterministic ECDSA 
Resolves: RHEL-35231
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2024-05-02 15:51:49 +09:00
Daiki Ueno
d7ec39326a auth/rsa-psk: minimize branching after decryption 
Resolves: RHEL-21550
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2024-01-22 14:32:10 +09:00
Daiki Ueno
80be6ed617 auth/rsa_psk: side-step potential side-channel 
Resolves: RHEL-16754
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2023-12-07 11:52:53 +09:00
Daiki Ueno
0f8748c962 Clear server's session ticket indication at rehandshake 
Resolves: #2089817
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2023-06-26 09:31:27 +02:00
CentOS Sources
ca1ccd862b Auto sync2gitlab import of gnutls-3.6.16-6.el8_7.src.rpm 2023-03-16 02:11:32 +00:00
Troy Dawson
53551f2e5d Bring gating.yaml over from Brew dist-git 
Signed-off-by: Troy Dawson <tdawson@redhat.com>
 2023-03-10 10:41:36 -08:00
James Antill
3e398db3f7 Import rpm: c8s 2023-02-27 13:20:37 -05:00
CentOS Sources
1550972a88 Auto sync2gitlab import of gnutls-3.6.16-6.el8.src.rpm 2023-01-13 08:09:52 +00:00
CentOS Sources
90c90edd1c Auto sync2gitlab import of gnutls-3.6.16-5.el8_6.src.rpm 2022-09-02 12:12:03 +00:00
James Antill
f1f19751c5 Auto sync2gitlab import of gnutls-3.6.16-4.el8.src.rpm 2022-05-26 07:51:32 -04:00
James Antill
f115cb50da Initial c8s branch. 2022-05-26 07:51:24 -04:00