Operating System:

[RedHat]

Published:

06 November 2019

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2019.4119 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4119
             gnutls security, bug fix, and enhancement update
                              6 November 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           gnutls
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 8
                   Red Hat Enterprise Linux WS/Desktop 8
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-3836 CVE-2019-3829 

Reference:         ESB-2019.1945
                   ESB-2019.1477

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2019:3600

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: gnutls security, bug fix, and enhancement update
Advisory ID:       RHSA-2019:3600-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3600
Issue date:        2019-11-05
CVE Names:         CVE-2019-3829 CVE-2019-3836 
=====================================================================

1. Summary:

An update for gnutls is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The gnutls packages provide the GNU Transport Layer Security (GnuTLS)
library, which implements cryptographic algorithms and protocols such as
SSL, TLS, and DTLS.

The following packages have been upgraded to a later upstream version:
gnutls (3.6.8). (BZ#1689967)

Security Fix(es):

* gnutls: use-after-free/double-free in certificate verification
(CVE-2019-3829)

* gnutls: invalid pointer access upon receiving async handshake messages
(CVE-2019-3836)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1667427 - Multiple issues in implementation of record_size_limit extension (RFC 8449)
1673975 - gnutls does not support multiple KeyUpdate messages on a connection
1677048 - CVE-2019-3829 gnutls: use-after-free/double-free in certificate verification
1678411 - CVE-2019-3836 gnutls: invalid pointer access upon receiving async handshake messages
1680509 - Missing comparison with known good signature in RSA power on self test
1680510 - Missing power on self tests for SHA3
1684461 - Implement gnutls_aead_cipher_(en|de)crypt_vec() API in GnuTLS
1684534 - p11tool fails to list private keys with 'pin-value' specified in PKCS#11 URI
1686579 - GnuTLS server sends downgrade sentinel when negotiating TLS 1.3
1686582 - Incorrect handling of fragmented KeyUpdate messages
1690440 - selftest fails in FIPS mode
1691448 - TLS Keying Material Exporter is unsupported by command line tools
1705478 - gnutls fails with PKCS#11 URIs without module specification
1706921 - GnuTLS should implement continuous random test or use the kernel AF_ALG interface for random

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:
gnutls-c++-3.6.8-8.el8.aarch64.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-dane-3.6.8-8.el8.aarch64.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-debugsource-3.6.8-8.el8.aarch64.rpm
gnutls-devel-3.6.8-8.el8.aarch64.rpm
gnutls-utils-3.6.8-8.el8.aarch64.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.aarch64.rpm

ppc64le:
gnutls-c++-3.6.8-8.el8.ppc64le.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-dane-3.6.8-8.el8.ppc64le.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-debugsource-3.6.8-8.el8.ppc64le.rpm
gnutls-devel-3.6.8-8.el8.ppc64le.rpm
gnutls-utils-3.6.8-8.el8.ppc64le.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.ppc64le.rpm

s390x:
gnutls-c++-3.6.8-8.el8.s390x.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-dane-3.6.8-8.el8.s390x.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-debugsource-3.6.8-8.el8.s390x.rpm
gnutls-devel-3.6.8-8.el8.s390x.rpm
gnutls-utils-3.6.8-8.el8.s390x.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.s390x.rpm

x86_64:
gnutls-c++-3.6.8-8.el8.i686.rpm
gnutls-c++-3.6.8-8.el8.x86_64.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-dane-3.6.8-8.el8.i686.rpm
gnutls-dane-3.6.8-8.el8.x86_64.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-debugsource-3.6.8-8.el8.i686.rpm
gnutls-debugsource-3.6.8-8.el8.x86_64.rpm
gnutls-devel-3.6.8-8.el8.i686.rpm
gnutls-devel-3.6.8-8.el8.x86_64.rpm
gnutls-utils-3.6.8-8.el8.x86_64.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
gnutls-3.6.8-8.el8.src.rpm

aarch64:
gnutls-3.6.8-8.el8.aarch64.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-debuginfo-3.6.8-8.el8.aarch64.rpm
gnutls-debugsource-3.6.8-8.el8.aarch64.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.aarch64.rpm

ppc64le:
gnutls-3.6.8-8.el8.ppc64le.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-debuginfo-3.6.8-8.el8.ppc64le.rpm
gnutls-debugsource-3.6.8-8.el8.ppc64le.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.ppc64le.rpm

s390x:
gnutls-3.6.8-8.el8.s390x.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-debuginfo-3.6.8-8.el8.s390x.rpm
gnutls-debugsource-3.6.8-8.el8.s390x.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.s390x.rpm

x86_64:
gnutls-3.6.8-8.el8.i686.rpm
gnutls-3.6.8-8.el8.x86_64.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-c++-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-dane-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-debuginfo-3.6.8-8.el8.x86_64.rpm
gnutls-debugsource-3.6.8-8.el8.i686.rpm
gnutls-debugsource-3.6.8-8.el8.x86_64.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.i686.rpm
gnutls-utils-debuginfo-3.6.8-8.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-3829
https://access.redhat.com/security/cve/CVE-2019-3836
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXcHqVdzjgjWX9erEAQivkg//T1uT+4YnLfKeaK7faseEHaqGlgkUR5ac
mBrFTuSw5amGRgDJmnf0yEq1sA8C413zrfpl2CXyThIidShOL5iR7ubODQ79w7kC
sUKcD2wP8AzDXul9ip/fGO+0mOUr1Fz48urD0p2dXYKIa0OIPrz3ID20IH0zUsuI
ED/7hbUkw49T150O2TjPyB5RkR0IdyDYXy3lZ/VJi1797rbFRPJKFxh7EMkr+KVQ
5rgZu0sa/MECVxCSNqQlTzwKwopn2t+dWI76ntiJwVQu9A00vBParIUJN3UAdBKD
E+2k1MNMqv2fpxkPawXMCxwnqhOk50QjYw95kj8X21PDRSh8/FZZ14XHPk5bnf3t
VirzV3JAAcxtI+yYdRfdW1K7fupVcmWKll9RzQTL3PzZ53FNRNu7Ww1Rd+s2c6p9
IuuWNDqyWeQavfIe8LZ0isETKeXuK40og1GSNTAUYjCXsH1aO7kB6rq0ewMAOXNg
mfmwUthLyprL8xyPTrA9RvO3xtY3PbBkaTxTbJgkYWv4RqMO2XFQtWu8+LaB0IM4
Hsp+bl+cd7nZJVUfboMyHL+gU6JHgrek3+qd3B9ogHPDE0n7T+NdJb4QyVrYo5RO
SQ0nqyr0Lg2sKtxGqPMulYaY4cE9EmVgUjKBPy+SOBUGucoDMSY0V3mhtVfOaMOe
Lb00IwJNVnk=
=XBVn
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXcI5JWaOgq3Tt24GAQgBhRAAjPV1Q9QV8119Bdp6aT3yradjm3m9fYY7
oEY7RcoYn0IgN7fxr02Smi3eweowba6Myne4ikFgoxIhx6I+Gtp2IihkRfKH+/kh
Ti2p8esvqCpa6RxcbJ9nfgwWgko8KJs+8dWh8lAsBnPJxgLLGZoQfig6Mj15bWbU
3TF6EYgq2cmZ2FKUjJHbMcDOeJ/EUpQV5thwqlNX1Ab8oK5gByCDPQCYxY8xdc9E
YFpTfN/LzIwSKjp5Kj10wef8FtOCUGNGZWaTCfTgv0Qw3a1jH5esksep7XYhZSt/
aAv/6D+5u4kubzCL2DFaGlSks3EXrQTyI6I9ZIjmMPhYgSg5sw5pWz3bfeTQmtJw
2Y5vdmk4XVEeGA6IpSO1alndDs3Zc/2rSIvsWM49JRWGzIPaMDjPvpp5Z/b4MGyG
8wvOwLwrI9fLn1bK+CI9+m3BtaavZJB2eoC20zaA0or05hPMjzXF4ihwtieouAaY
TzLJ0TfSZchqFDv60CXiNidr0hGd00nj4wcrBiyE8ONLPc4MvonoLXaE1dD2IGy9
crXECRQAg8wE4JWZqGWsGNUT1iWFrzsSqFcWwsmH54R77pBc698VIT+K2v/goObg
6BLQxYsQE0f8Q35iHQOgSPoxxW6T/CyLmRo7H6+5mbdtqeesyyyWNr9MnH0EHRKh
+Wdu7VQiH5w=
=w/6M
-----END PGP SIGNATURE-----