11 matches found
Mandriva Linux Security Advisory : gnutls (MDVSA-2015:072)
Updated gnutls packages fix security vulnerabilities : Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default something that deviates from the...
RHEL 7 : gnutls (RHSA-2014:0684)
Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Oracle Linux 7 : gnutls (ELSA-2014-0684)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0684 advisory. 3.1.18-9 - fix session ID length check 1102027 - fixes null pointer dereference 1101727 Tenable has extracted the preceding description block directly...
RedHat Update for gnutls RHSA-2014:0684-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
CVE-2014-3465
CVE-2014-3465 affects GnuTLS, specifically gnutls_x509_dn_oid_name in lib/x509/common.c. In GnuTLS 3.0.x before 3.1.20 and 3.2.x before 3.2.10, processing an X.509 DN with an OID lacking an LDAP description can trigger a NULL pointer dereference via crafted certificates, causing a denial of servi...
CVE-2014-3465
The gnutlsx509dnoidname function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN...
Important: Red Hat Security Advisory: gnutls security update
Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
gnutls: Fixed possible memory corruption (important)
gnutls was patched to fix security vulnerability that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect CVE-2014-3466 - NULL pointer dereference in gnutlsx509dnoidname CVE-2014-3465...
[oss-security] GnuTLS and libtasn1 security fixes
Hi! New GnuTLS and libtasn1 versions fix few issues you might be interested to look at: http://www.gnutls.org/security.htmlGNUTLS-SA-2014-3 https://bugzilla.redhat.com/showbug.cgi?id=CVE-2014-3465 https://bugzilla.redhat.com/showbug.cgi?id=CVE-2014-3466...