27 matches found
Mandriva Linux Security Advisory : gnutls (MDVSA-2015:072)
Updated gnutls packages fix security vulnerabilities : Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default something that deviates from the...
Fedora Update for gnutls FEDORA-2014-14760
Check the version of gnutls SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868484";...
Fedora Update for mingw-gnutls FEDORA-2014-6963
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for gnutls FEDORA-2014-6881
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2014-6953
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GnuTLS X.509 Version 1 Intermediate Certificate Policy Bypass (CVE-2014-1959)
A policy-bypass vulnerability has been found in GnuTLS. The vulnerability is due to an error in lib/x509/verify.c where an X.509 version 1 certificate is incorrectly treated as an intermediate CA certificate. A remote attacker could exploit this vulnerability to bypass certificate validation...
Fedora Update for mingw-gnutls FEDORA-2014-3454
Check for the Version of mingw-gnutls OpenVAS Vulnerability Test Fedora Update for mingw-gnutls FEDORA-2014-3454 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for mingw-gnutls FEDORA-2014-3454
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2014-3493
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for gnutls FEDORA-2014-3363
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-1959
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates...
CVE-2014-1959
GnuTLS CVE-2014-1959 affects lib/x509/verify.c where an X.509 Version 1 certificate is erroneously treated as an intermediate CA. This allows remote attackers who have a trusted V1 cert to issue new certificates, bypassing certain restrictions. Affected are GnuTLS releases prior to 3.1.21 and 3.2...
Security fix for the ALT Linux 9 package gnutls30 version 2.12.23-alt2
March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...
Security fix for the ALT Linux 10 package gnutls30 version 2.12.23-alt2
March 5, 2014 Dmitry V. Levin 2.12.23-alt2 - Applied upstream fixes for CVE-2013-2116, CVE-2014-1959, and CVE-2014-0092...
Ubuntu 12.04 LTS / 12.10 / 13.10 : gnutls26 vulnerability (USN-2121-1)
Suman Jana discovered that GnuTLS incorrectly handled version 1 intermediate certificates. This resulted in them being considered to be a valid CA certificate by default, which was contrary to documented behaviour. Note that Tenable Network Security has extracted the preceding description block...
Fedora Update for gnutls FEDORA-2014-2588
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2014-2565
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2014-2583
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[BSA-093] Security Update for gnutls28
Andreas Metzler uploaded new packages for gnutls28 which fixed the following security problems: CVE-2014-1959 / DSA 2866-1 / GNUTLS-SA-2014-1 Suman Jana reported that GnuTLS, deviating from the documented behavior considers a version 1 intermediate certificate as a CA certificate by default. For...
[SECURITY] [DSA 2866-1] gnutls26 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2866-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 22, 2014 http://www.debian.org/security/faq -...