Lucene search
AmazonALAS-2013-197HistoryJun 11, 2013 - 10:44 p.m.
Important: gnutls
2013-06-1122:44:00
alas.aws.amazon.com
19
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.862 High
EPSS
Percentile
98.5%
Issue Overview:
It was discovered that the fix for the CVE-2013-1619 issue introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS. (CVE-2013-2116)
Affected Packages:
gnutls
Issue Correction:
Run yum update gnutls to update your system.
New Packages:
i686:
gnutls-debuginfo-2.8.5-10.10.amzn1.i686
gnutls-devel-2.8.5-10.10.amzn1.i686
gnutls-2.8.5-10.10.amzn1.i686
gnutls-utils-2.8.5-10.10.amzn1.i686
gnutls-guile-2.8.5-10.10.amzn1.i686
src:
gnutls-2.8.5-10.10.amzn1.src
x86_64:
gnutls-2.8.5-10.10.amzn1.x86_64
gnutls-utils-2.8.5-10.10.amzn1.x86_64
gnutls-guile-2.8.5-10.10.amzn1.x86_64
gnutls-debuginfo-2.8.5-10.10.amzn1.x86_64
gnutls-devel-2.8.5-10.10.amzn1.x86_64
Additional References
Red Hat: CVE-2013-1619, CVE-2013-2116
Mitre: CVE-2013-1619, CVE-2013-2116
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | gnutls-debuginfo | < 2.8.5-10.10.amzn1 | gnutls-debuginfo-2.8.5-10.10.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | gnutls-devel | < 2.8.5-10.10.amzn1 | gnutls-devel-2.8.5-10.10.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | gnutls | < 2.8.5-10.10.amzn1 | gnutls-2.8.5-10.10.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | gnutls-utils | < 2.8.5-10.10.amzn1 | gnutls-utils-2.8.5-10.10.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | gnutls-guile | < 2.8.5-10.10.amzn1 | gnutls-guile-2.8.5-10.10.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | gnutls | < 2.8.5-10.10.amzn1 | gnutls-2.8.5-10.10.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | gnutls-utils | < 2.8.5-10.10.amzn1 | gnutls-utils-2.8.5-10.10.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | gnutls-guile | < 2.8.5-10.10.amzn1 | gnutls-guile-2.8.5-10.10.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | gnutls-debuginfo | < 2.8.5-10.10.amzn1 | gnutls-debuginfo-2.8.5-10.10.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | gnutls-devel | < 2.8.5-10.10.amzn1 | gnutls-devel-2.8.5-10.10.amzn1.x86_64.rpm |
Related
redhat
redhat
(RHSA-2013:0883) Important: gnutls security update
2013-05-30 00:00:00
(RHSA-2013:0588) Moderate: gnutls security update
2013-03-04 00:00:00
(RHSA-2013:1076) Important: rhev-hypervisor6 security and bug fix update
2013-07-16 00:00:00
openvas
openvas
RedHat Update for gnutls RHSA-2013:0883-01
2013-05-31 00:00:00
CentOS Update for gnutls CESA-2013:0883 centos6
2013-05-31 00:00:00
Fedora Update for mingw-gnutls FEDORA-2013-9774
2013-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: mingw-gnutls-2.12.23-2.fc18
2013-06-11 09:01:09
[SECURITY] Fedora 17 Update: mingw-gnutls-2.12.23-2.fc17
2013-06-11 09:10:43
[SECURITY] Fedora 18 Update: gnutls-2.12.23-2.fc18
2013-06-11 09:08:17
nessus
nessus
RHEL 5 / 6 : gnutls (RHSA-2013:0883)
2013-05-31 00:00:00
Amazon Linux AMI : gnutls (ALAS-2013-197)
2013-09-04 00:00:00
CentOS 5 / 6 : gnutls (CESA-2013:0883)
2013-05-31 00:00:00
oraclelinux
oraclelinux
gnutls security update
2013-05-30 00:00:00
gnutls security update
2014-03-03 00:00:00
gnutls security update
2014-03-03 00:00:00
centos
centos
gnutls security update
2013-05-30 18:50:13
gnutls security update
2013-03-04 22:46:23
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2013-10-28 00:00:00
suse
suse
Security update for gnutls (critical)
2014-03-04 01:07:15
Security update for GnuTLS (important)
2013-06-20 22:04:17
Security update for GnuTLS (important)
2013-07-04 22:04:13
slackware
slackware
[slackware-security] gnutls
2013-10-15 00:18:30
[slackware-security] gnutls
2013-08-30 07:46:14
[slackware-security] gnutls
2013-08-30 20:25:45
securityvulns
securityvulns
gnutls DoS
2013-06-03 00:00:00
[ MDVSA-2013:171 ] gnutls
2013-06-03 00:00:00
[USN-1752-1] GnuTLS vulnerability
2013-03-02 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:54:18
Information Leakage
2019-01-15 08:58:55
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Decoding Out-of-bounds Memory Access (CVE-2013-2116)
2013-08-25 00:00:00
ubuntu
ubuntu
GnuTLS vulnerability
2013-05-29 00:00:00
GnuTLS vulnerability
2013-02-27 00:00:00
debian
debian
[SECURITY] [DSA 2697-1] gnutls26 security update
2013-05-29 19:59:26
amazon
amazon
Medium: gnutls
2013-03-14 22:04:00
f5
f5
SOL15637 - GnuTLS vulnerability CVE-2013-2116
2014-10-06 00:00:00
K15637 : GnuTLS vulnerability CVE-2013-2116
2014-10-16 00:00:00
K15721 : GnuTLS vulnerability CVE-2013-1619
2014-10-23 00:00:00
prion
prion
Design/Logic Flaw
2013-07-03 18:55:00
Design/Logic Flaw
2013-02-08 19:55:00
cve
cve
CVE-2013-2116
2013-07-03 18:55:00
CVE-2013-1619
2013-02-08 19:55:00
ubuntucve
ubuntucve
CVE-2013-2116
2013-05-29 00:00:00
CVE-2013-1619
2013-02-08 00:00:00
debiancve
debiancve
CVE-2013-1619
2013-02-08 19:55:00
altlinux
altlinux
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2
2014-03-05 00:00:00
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.862 High
EPSS
Percentile
98.5%
Related for ALAS-2013-197