gnutls-utils-3.8.10-4.el9 RPM for s390x

From CentOS Stream 9 AppStream for s390x

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.
This package contains command line TLS client and server and certificate
manipulation tools.

Provides

• gnutls-utils
• gnutls-utils(s390-64)

Requires

• gnutls(s390-64) = 3.8.10-4.el9
• gnutls-dane(s390-64) = 3.8.10-4.el9
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libgnutls-dane.so.0()(64bit)
• libgnutls-dane.so.0(DANE_0_0)(64bit)
• libgnutls.so.30()(64bit)
• libgnutls.so.30(GNUTLS_3_4)(64bit)
• libgnutls.so.30(GNUTLS_3_6_0)(64bit)
• libgnutls.so.30(GNUTLS_3_6_12)(64bit)
• libgnutls.so.30(GNUTLS_3_6_13)(64bit)
• libgnutls.so.30(GNUTLS_3_6_14)(64bit)
• libgnutls.so.30(GNUTLS_3_6_2)(64bit)
• libgnutls.so.30(GNUTLS_3_6_3)(64bit)
• libgnutls.so.30(GNUTLS_3_6_4)(64bit)
• libgnutls.so.30(GNUTLS_3_6_5)(64bit)
• libgnutls.so.30(GNUTLS_3_6_6)(64bit)
• libgnutls.so.30(GNUTLS_3_6_8)(64bit)
• libgnutls.so.30(GNUTLS_3_6_9)(64bit)
• libgnutls.so.30(GNUTLS_3_7_0)(64bit)
• libgnutls.so.30(GNUTLS_3_7_3)(64bit)
• libgnutls.so.30(GNUTLS_3_7_4)(64bit)
• libgnutls.so.30(GNUTLS_3_8_4)(64bit)
• libgnutls.so.30(GNUTLS_3_8_6)(64bit)
• libgnutls.so.30(GNUTLS_PRIVATE_3_4)(64bit)
• libm.so.6()(64bit)
• libm.so.6(GLIBC_2.2)(64bit)
• libtasn1.so.6()(64bit)
• libtasn1.so.6(LIBTASN1_0_3)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

GPLv3+

Changelog

* Thu Apr 30 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-4
  - Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite)
  - Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour)
  - Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread)
  - Fix CVE-2026-42010 (PSK authentication, High, authentication bypass)
  - Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass)
  - Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass)
  - Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse)
  - Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse)
  - Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free)
  - Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread)
  - Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite)
  - Fix CVE-2026-3832 (OCSP, Low, revocation bypass)
  - Fix CVE-2026-5419 (PKCS#7, Low, timing side-channel)
  - Fix upstream security issue #1808 (PSK rehandshake)
  - Fix upstream security issue #1810 (EKU OID prefix match)
  - Fix upstream security issue #1813 (pkcs11-provider persistent keys)
  - Fix upstream security issue #1818 (RSA correctness, OpenSSL format import)
  - Fix upstream security issue #1819 (PKCS#11 trust removal error path)
  - Fix upstream security issue #1822 (SCT extension parser OOB read)
  - Fix upstream security issue #1841 (key zeroization in hybrid kex)
  - Fix upstream security issue #1823 (malformed certtool template)
  - Fix upstream security issue #1817 (session parameter loading robustness)
  - Fix upstream security issue #1820 (PKCS#11 KDF succeeding w/o deriving)
  - gnutls-3.8.10-CVE-2025-9820.patch: update Makefile.in
* Fri Feb 06 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-3
  - Fix PKCS#11 token initialization label overflow (CVE-2025-9820)
  - Fix name constraint processing performance issue (CVE-2025-14831)
* Wed Jan 14 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-2
  - Reinstate and update the prematurely dropped rekeying patch
* Thu Nov 06 2025 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-1
  - Rebase to 3.8.10
  - Revert defaulting to PBMAC1 in FIPS mode
  - Revert unapproving 1024-, 1280-, 1536- and 1792-bit RSA verification
* Tue Aug 05 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-9
  - key_update: rework the rekeying logic (RHEL-107499)
* Fri Jul 18 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-8
  - Add missing changelog entry
* Fri Jul 18 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-7
  - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395
* Mon Feb 17 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-6
  - Bump nettle dependency to 3.10.1 (RHEL-52740)
* Wed Feb 12 2025 Alexander Sosedkin <asosedki@redhat.com> - 3.8.3-5
  - Backport the fix for CVE-2024-12243 (RHEL-78580)

Files

/usr/bin/certtool
/usr/bin/danetool
/usr/bin/gnutls-cli
/usr/bin/gnutls-cli-debug
/usr/bin/gnutls-serv
/usr/bin/ocsptool
/usr/bin/p11tool
/usr/bin/psktool
/usr/bin/srptool
/usr/lib/.build-id
/usr/lib/.build-id/1c
/usr/lib/.build-id/1c/0ec28e25d18a7e00efe4f4aa61665588800664
/usr/lib/.build-id/2b
/usr/lib/.build-id/2b/14eaa9598903cda8e3d5559c410a0b60eae8a6
/usr/lib/.build-id/37
/usr/lib/.build-id/37/8a74fe421ab8a190c72d807e64c9d8b6768a67
/usr/lib/.build-id/4d
/usr/lib/.build-id/4d/c2060dd0d254ac1dfca474d46b2d0b19f57e67
/usr/lib/.build-id/55
/usr/lib/.build-id/55/d43ed8f193195df7d7dc9e8b415486b1a1336f
/usr/lib/.build-id/7c
/usr/lib/.build-id/7c/f7efc3c6d0a398a2d9f527b70c6ac324deb6f5
/usr/lib/.build-id/84
/usr/lib/.build-id/84/86a0ca90a5ae93b9a21b6f17e5a4f0b30d17c9
/usr/lib/.build-id/87
/usr/lib/.build-id/87/cf213b58565aa76c562e9200912eda0ba342e8
/usr/lib/.build-id/bc
/usr/lib/.build-id/bc/cda3fab2faa090de7c95825d71c3ca3bbcdc93
/usr/share/doc/gnutls-utils
/usr/share/doc/gnutls-utils/certtool.cfg
/usr/share/man/man1/certtool.1.gz
/usr/share/man/man1/danetool.1.gz
/usr/share/man/man1/gnutls-cli-debug.1.gz
/usr/share/man/man1/gnutls-cli.1.gz
/usr/share/man/man1/gnutls-serv.1.gz
/usr/share/man/man1/ocsptool.1.gz
/usr/share/man/man1/p11tool.1.gz
/usr/share/man/man1/psktool.1.gz
/usr/share/man/man1/srptool.1.gz
/usr/share/man/man1/tpmtool.1.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed May 27 06:04:06 2026