(RHSA-2016:0012) Moderate: gnutls security update

2016-01-0700:00:00

access.redhat.com

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.1%

JSON

The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).

A flaw was found in the way TLS 1.2 could use the MD5 hash function for
signing ServerKeyExchange and Client Authentication packets during a TLS
handshake. A man-in-the-middle attacker able to force a TLS connection to
use the MD5 hash function could use this flaw to conduct collision attacks
to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)

All gnutls users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all applications linked to the GnuTLS library must be restarted.

OSVersionArchitecturePackageVersionFilename
RedHat6ppc64gnutls-utils< 2.8.5-19.el6_7gnutls-utils-2.8.5-19.el6_7.ppc64.rpm
RedHat6ppcgnutls-debuginfo< 2.8.5-19.el6_7gnutls-debuginfo-2.8.5-19.el6_7.ppc.rpm
RedHat6ppc64gnutls-guile< 2.8.5-19.el6_7gnutls-guile-2.8.5-19.el6_7.ppc64.rpm
RedHat7ppc64gnutls-debuginfo< 3.3.8-14.el7_2gnutls-debuginfo-3.3.8-14.el7_2.ppc64.rpm
RedHat7i686gnutls-devel< 3.3.8-14.el7_2gnutls-devel-3.3.8-14.el7_2.i686.rpm
RedHat6x86_64gnutls-utils< 2.8.5-19.el6_7gnutls-utils-2.8.5-19.el6_7.x86_64.rpm
RedHat7ppcgnutls-c++< 3.3.8-14.el7_2gnutls-c++-3.3.8-14.el7_2.ppc.rpm
RedHat6s390gnutls-devel< 2.8.5-19.el6_7gnutls-devel-2.8.5-19.el6_7.s390.rpm
RedHat6i686gnutls-utils< 2.8.5-19.el6_7gnutls-utils-2.8.5-19.el6_7.i686.rpm
RedHat7ppc64gnutls-utils< 3.3.8-14.el7_2gnutls-utils-3.3.8-14.el7_2.ppc64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	ppc64	gnutls-utils	< 2.8.5-19.el6_7	gnutls-utils-2.8.5-19.el6_7.ppc64.rpm
RedHat	6	ppc	gnutls-debuginfo	< 2.8.5-19.el6_7	gnutls-debuginfo-2.8.5-19.el6_7.ppc.rpm
RedHat	6	ppc64	gnutls-guile	< 2.8.5-19.el6_7	gnutls-guile-2.8.5-19.el6_7.ppc64.rpm
RedHat	7	ppc64	gnutls-debuginfo	< 3.3.8-14.el7_2	gnutls-debuginfo-3.3.8-14.el7_2.ppc64.rpm
RedHat	7	i686	gnutls-devel	< 3.3.8-14.el7_2	gnutls-devel-3.3.8-14.el7_2.i686.rpm
RedHat	6	x86_64	gnutls-utils	< 2.8.5-19.el6_7	gnutls-utils-2.8.5-19.el6_7.x86_64.rpm
RedHat	7	ppc	gnutls-c++	< 3.3.8-14.el7_2	gnutls-c++-3.3.8-14.el7_2.ppc.rpm
RedHat	6	s390	gnutls-devel	< 2.8.5-19.el6_7	gnutls-devel-2.8.5-19.el6_7.s390.rpm
RedHat	6	i686	gnutls-utils	< 2.8.5-19.el6_7	gnutls-utils-2.8.5-19.el6_7.i686.rpm
RedHat	7	ppc64	gnutls-utils	< 3.3.8-14.el7_2	gnutls-utils-3.3.8-14.el7_2.ppc64.rpm