Red Hat Security Advisory 2019-3600-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a use-after-free vulnerability.
0b98b70ddb3a995fe8e4660d1b97cda0678f9239886ec6fd1dcf183c637b12f0Ubuntu Security Notice 3999-1 - Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tavis Ormandy discovered that GnuTLS incorrectly handled memory when verifying certain X.509 certificates. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. Various other issues were also addressed.
b8834a0c4a4415f7835754310e5da31860dabee4b26c193e7e1297853870b1e3Gentoo Linux Security Advisory 201904-14 - Multiple vulnerabilities have been found in GnuTLS, the worst of which could result in a Denial of Service condition. Versions less than 3.6.7 are affected.
f9923910f24db83df01c6e93b3b7106d5cacf99baaef9a2f759a2ced8e5346c9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed