----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details:
http://secunia.com/binary_analysis/sample_analysis/

----------------------------------------------------------------------

TITLE:
SUSE update for gnutls

SECUNIA ADVISORY ID:
SA31939

VERIFY ADVISORY:
http://secunia.com/advisories/31939/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
>From remote

OPERATING SYSTEM:
SUSE Linux Enterprise Server 9
http://secunia.com/advisories/product/4118/
SUSE Linux Enterprise Server 10
http://secunia.com/advisories/product/12192/

http://secunia.com/advisories/product//
openSUSE 10.3
http://secunia.com/advisories/product/16124/
openSUSE 10.2
http://secunia.com/advisories/product/13375/

SOFTWARE:
Novell Open Enterprise Server 1.x
http://secunia.com/advisories/product/4664/

DESCRIPTION:
SuSE has issued an update for gnutls. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to potentially compromise an application
using the library.

For more information:
SA30287

SOLUTION:
Apply updated packages.

x86 Platform:

openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/gnutls-1.6.1-36.2.i586.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/gnutls-devel-1.6.1-36.2.i586.rpm

openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/gnutls-1.4.4-19.i586.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/gnutls-devel-1.4.4-19.i586.rpm

x86-64 Platform:

openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/gnutls-32bit-1.6.1-36.2.x86_64.rpm
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/gnutls-devel-32bit-1.6.1-36.2.x86_64.rpm

openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/gnutls-32bit-1.4.4-19.x86_64.rpm
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/gnutls-devel-32bit-1.4.4-19.x86_64.rpm

Sources:

openSUSE 10.3:
http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/gnutls-1.6.1-36.2.src.rpm

openSUSE 10.2:
ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/gnutls-1.4.4-19.src.rpm

Our maintenance customers are notified individually. The packages
are
offered for installation from the maintenance web:

SUSE Linux Enterprise Server 10 SP1
http://download.novell.com/index.jsp?search=Search&keywords=16019428f51c348156efc7b17ac3a6b1

SUSE Linux Enterprise Desktop 10 SP1
http://download.novell.com/index.jsp?search=Search&keywords=16019428f51c348156efc7b17ac3a6b1

Open Enterprise Server
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

Novell Linux POS 9
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

Novell Linux Desktop 9
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

SUSE Linux Enterprise Server 10 SP2
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

SUSE Linux Enterprise 10 SP2 DEBUGINFO
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

SUSE Linux Enterprise Desktop 10 SP2
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

SUSE SLES 9
http://download.novell.com/index.jsp?search=Search&keywords=566c183b06655fd3c666c5d69f276831

ORIGINAL ADVISORY:
SUSE-SA:2008:046:
http://www.novell.com/linux/security/advisories/2008_46_gnutls.html

OTHER REFERENCES:
SA30287:
http://secunia.com/advisories/30287/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------