Lucene search
OracleLinuxELSA-2019-3600HistoryNov 14, 2019 - 12:00 a.m.
gnutls security, bug fix, and enhancement update
2019-11-1400:00:00
linux.oracle.com
15
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
[3.6.8-8]
- Use fallback random function for RSA blinding in FIPS selftests
[3.6.8-7] - Fix deterministic signature creation in selftests
[3.6.8-6] - Treat login error more gracefully when enumerating PKCS#11 tokens (#1705478)
- Use deterministic ECDSA/DSA in FIPS selftests (#1716560)
- Add gnutls_aead_cipher_{encrypt,decrypt}v2 functions (#1684461)
[3.6.8-5] - Avoid UB when encrypting session tickets
[3.6.8-4] - Add RNG continuous test under FIPS
[3.6.8-3] - Follow-up fix on multiple key updates handling (#1673975)
[3.6.8-2] - Run FIPS AES self-tests over overridden algorithms
[3.6.8-1] - Update to upstream 3.6.8 release
[3.6.5-4] - Fixed FIPS signatures self tests (#1680509)
[3.6.5-3] - Fixed CVE-2019-3829 (#1693285)
- Fixed CVE-2019-3836 (#1693288)
- Added explicit BuildRequires for nettle-devel >= 3.4.1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | gnutls | < 3.6.8-8.el8 | gnutls-3.6.8-8.el8.src.rpm |
| oracle linux | 8 | aarch64 | gnutls | < 3.6.8-8.el8 | gnutls-3.6.8-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | gnutls-c++ | < 3.6.8-8.el8 | gnutls-c++-3.6.8-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | gnutls-dane | < 3.6.8-8.el8 | gnutls-dane-3.6.8-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | gnutls-devel | < 3.6.8-8.el8 | gnutls-devel-3.6.8-8.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | gnutls-utils | < 3.6.8-8.el8 | gnutls-utils-3.6.8-8.el8.aarch64.rpm |
| oracle linux | 8 | src | gnutls | < 3.6.8-8.el8 | gnutls-3.6.8-8.el8.src.rpm |
| oracle linux | 8 | i686 | gnutls | < 3.6.8-8.el8 | gnutls-3.6.8-8.el8.i686.rpm |
| oracle linux | 8 | x86_64 | gnutls | < 3.6.8-8.el8 | gnutls-3.6.8-8.el8.x86_64.rpm |
| oracle linux | 8 | i686 | gnutls-c++ | < 3.6.8-8.el8 | gnutls-c++-3.6.8-8.el8.i686.rpm |
Related
nessus
nessus
EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2019-1649)
2019-06-27 00:00:00
Fedora 28 : gnutls (2019-46df367eed)
2019-04-05 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-1649)
2020-01-23 00:00:00
Fedora Update for gnutls FEDORA-2019-e8c1cf958f
2019-05-07 00:00:00
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2019-2324)
2020-01-23 00:00:00
redhat
redhat
(RHSA-2019:3600) Moderate: gnutls security, bug fix, and enhancement update
2019-11-05 18:05:56
altlinux
altlinux
Security fix for the ALT Linux 10 package gnutls30 version 3.6.7-alt1
2019-03-28 00:00:00
Security fix for the ALT Linux 9 package gnutls30 version 3.6.7-alt1
2019-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: gnutls-3.6.7-1.fc30
2019-03-31 00:07:31
[SECURITY] Fedora 29 Update: gnutls-3.6.7-1.fc29
2019-03-31 03:02:35
[SECURITY] Fedora 28 Update: gnutls-3.6.5-3.fc28
2019-04-05 01:56:50
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2019-04-15 00:00:00
freebsd
freebsd
GnuTLS -- double free, invalid pointer access
2019-03-27 00:00:00
archlinux
archlinux
[ASA-201904-2] gnutls: multiple issues
2019-04-05 00:00:00
suse
suse
Security update for gnutls (important)
2019-05-08 00:00:00
cloudfoundry
cloudfoundry
USN-3999-1: GnuTLS vulnerabilities | Cloud Foundry
2019-06-18 00:00:00
ubuntu
ubuntu
GnuTLS vulnerabilities
2019-05-30 00:00:00
cve
cve
CVE-2019-3829
2019-03-27 18:29:00
CVE-2019-3836
2019-04-01 15:29:00
prion
prion
Null pointer dereference
2019-04-01 15:29:00
Double free
2019-03-27 18:29:00
alpinelinux
alpinelinux
CVE-2019-3836
2019-04-01 15:29:00
CVE-2019-3829
2019-03-27 18:29:00
redhatcve
redhatcve
CVE-2019-3836
2019-03-27 11:21:14
CVE-2019-3829
2019-03-27 11:20:44
osv
osv
CVE-2019-3836
2019-04-01 15:29:01
CVE-2019-3829
2019-03-27 18:29:00
veracode
veracode
Denial Of Service (DoS)
2019-03-28 01:48:52
Denial Of Service (DoS)
2019-11-06 00:21:05
debiancve
debiancve
CVE-2019-3836
2019-04-01 15:29:00
CVE-2019-3829
2019-03-27 18:29:00
ubuntucve
ubuntucve
CVE-2019-3836
2019-04-01 00:00:00
CVE-2019-3829
2019-03-27 00:00:00
checkpoint_advisories
checkpoint_advisories
GnuTLS Certificate Verification Use after Free (CVE-2019-3829)
2019-11-26 00:00:00
mageia
mageia
Updated gnutls packages fix security vulnerability
2019-04-05 21:12:59
photon
photon
Important Photon OS Security Update - PHSA-2019-0011
2019-04-23 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0011
2019-04-23 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for ELSA-2019-3600