CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
79.5%
Debian Security Advisory DSA-2866-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2014 http://www.debian.org/security/faq
Package : gnutls26
Vulnerability : certificate verification flaw
CVE ID : CVE-2014-1959
Suman Jana reported that GnuTLS, deviating from the documented behavior,
considers a version 1 intermediate certificate as a CA certificate by
default.
The oldstable distribution (squeeze) is not affected by this problem as
X.509 version 1 trusted CA certificates are not allowed by default.
For the stable distribution (wheezy), this problem has been fixed in
version 2.12.20-8.
For the testing distribution (jessie) and the unstable distribution
(sid), this problem has been fixed in version 2.12.23-12.
We recommend that you upgrade your gnutls26 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | armel | libgnutls-dev | < 2.12.20-8 | libgnutls-dev_2.12.20-8_armel.deb |
Debian | 7 | armhf | libgnutlsxx27 | < 2.12.20-8 | libgnutlsxx27_2.12.20-8_armhf.deb |
Debian | 7 | ia64 | libgnutls-dev | < 2.12.20-8 | libgnutls-dev_2.12.20-8_ia64.deb |
Debian | 7 | ia64 | gnutls-bin | < 3.0.22-3+really2.12.20-8 | gnutls-bin_3.0.22-3+really2.12.20-8_ia64.deb |
Debian | 7 | s390 | libgnutls26 | < 2.12.20-8 | libgnutls26_2.12.20-8_s390.deb |
Debian | 7 | kfreebsd-amd64 | libgnutls-openssl27 | < 2.12.20-8 | libgnutls-openssl27_2.12.20-8_kfreebsd-amd64.deb |
Debian | 7 | kfreebsd-amd64 | libgnutlsxx27 | < 2.12.20-8 | libgnutlsxx27_2.12.20-8_kfreebsd-amd64.deb |
Debian | 7 | ia64 | libgnutls-openssl27 | < 2.12.20-8 | libgnutls-openssl27_2.12.20-8_ia64.deb |
Debian | 7 | i386 | gnutls-bin | < 3.0.22-3+really2.12.20-8 | gnutls-bin_3.0.22-3+really2.12.20-8_i386.deb |
Debian | 7 | armel | libgnutls-openssl27 | < 2.12.20-8 | libgnutls-openssl27_2.12.20-8_armel.deb |