3 matches found
SUSE-SU-2020:0948-2 Security update for gmp, gnutls, libnettle
This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello bsc1168345 FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode...
gnutls: DTLS client hello contains a random value of all zeroes
A cryptographic weakness was found in the way DLTS implementation of GnuTLS, used zeros in place of random numbers. This flaw can break the security guarantee of the DTLS protocol...
DEBIAN-CVE-2018-12384
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact TLS 1.3...