5 matches found
openSUSE Security Update : gnutls (openSUSE-SU-2013:1714-1)
the following security issue was fixed : - Fix bug bnc848510, CVE-2013-4487 off-by-one security fix in libdane %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-858. The text...
CVE-2013-4487
Off-by-one error in the danerawtlsa in the DANE library libdane in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service memory corruption via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466...
CVE-2013-4487
GnuTLS libdane contains an off-by-one in dane_raw_tlsa that can cause memory corruption/DoS when a DNS response includes more than four DANE entries. Affected: GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6; root cause tied to incomplete fix for CVE-2013-4466. Remediation: upgrade to 3.1.16 or...
CVE-2013-4487
Off-by-one error in the danerawtlsa in the DANE library libdane in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service memory corruption via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466...
Fedora 19 : gnutls-3.1.16-1.fc19 (2013-20628)
Minor security update from upstream. New minor upstream release fixing a security issue. Adds ECC NIST Suite B curves support ECDH, ECDSA Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...