ALAS2023-2025-958

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. (CVE-2024-12243)

aarch64:
    gnutls-debuginfo-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-dane-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-c++-debuginfo-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-utils-debuginfo-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-c++-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-dane-debuginfo-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-utils-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-debugsource-3.8.3-6.amzn2023.0.1.aarch64
    gnutls-devel-3.8.3-6.amzn2023.0.1.aarch64

src:
    gnutls-3.8.3-6.amzn2023.0.1.src

x86_64:
    gnutls-dane-debuginfo-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-debuginfo-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-c++-debuginfo-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-dane-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-utils-debuginfo-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-c++-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-utils-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-debugsource-3.8.3-6.amzn2023.0.1.x86_64
    gnutls-devel-3.8.3-6.amzn2023.0.1.x86_64