RHSA-2024:1784 Red Hat Security Advisory: gnutls security update

Bulletin has no description...

K000141041: GnuTLS vulnerabilities CVE-2024-28834 and CVE-2024-28835

Security Advisory Description CVE-2024-28834 A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLSPRIVKEYFLAGREPRODUCIBLE flag...

SUSE: Security Advisory (SUSE-SU-2024:3211-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3211-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:3204-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : curl (SUSE-SU-2024:3211-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3211-1 advisory. - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093 Tenable has extracted the preceding...

SUSE-SU-2024:3211-1 Security update for curl

This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093...

CVE-2024-8096 OCSP stapling bypass with GnuTLS

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

CVE-2024-8096

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

CVE-2024-8096 OCSP stapling bypass with GnuTLS

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

SUSE-SU-2024:3204-1 Security update for curl

This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093...

SUSE-SU-2024:3203-1 Security update for curl

This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093...

SUSE-SU-2024:3202-1 Security update for curl

This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. bsc1230093 - CVE-2024-7264: ASN.1 date parser overread. bsc1228535...

CURL-CVE-2024-8096 OCSP stapling bypass with GnuTLS

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

SUSE: Security Advisory (SUSE-SU-2024:3203-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM MQ Appliance is vulnerable to exposure of sensitive information (CVE-2023-5981 and CVE-2024-0533)

Summary IBM MQ Appliance has addressed GNU GnuTLS exposure of sensitive information vulnerabilities. Vulnerability Details CVEID:CVE-2023-5981 DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing sidechannel issue during RSA-PSK key exchange. B...

Debian dla-3875 : gnutls-bin - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3875 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3875-1 [email protected]...

[SECURITY] [DLA 3875-1] gnutls28 security update

Debian LTS Advisory DLA-3875-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 05, 2024 https://wiki.debian.org/LTS Package : gnutls28 Version : 3.7.1-5+deb11u6 CVE ID : CVE-2024-28834 CVE-2024-28835 Debian Bug : 1067463 1067464 Vulnerabilities have been...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-2306)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2024-2326)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem...