EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2023-2122)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be...

RHEL 8 : gnutls (RHSA-2023:3361)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3361 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

EulerOS Virtualization 2.9.1 : gnutls (EulerOS-SA-2023-1997)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be...

EulerOS Virtualization 2.9.0 : gnutls (EulerOS-SA-2023-2018)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-2018)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-1997)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2023-1685536317 gnutls: Fix of CVE-2022-2509

CVE-2022-2509: Fix double free during gnutlspkcs7verify...

CLSA-2023-1685536090 gnutls: Fix of CVE-2022-2509

CVE-2022-2509: Fix double free during gnutlspkcs7verify...

gnutls: timing side-channel in the TLS RSA key exchange code

A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send ...

Moderate: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Summary IBM Cloud Transformation Advisor has addressed several security vulnerabilities including those in Go, OpenSSL and Node.js Vulnerability Details CVEID:CVE-2023-0361 DESCRIPTION: GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing side-channel flaw in t...

gnutls bug fix and enhancement update

An update is available for gnutls. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.2...

Oracle Linux 8 : samba (ELSA-2023-2987)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2987 advisory. - In Samba, GnuTLS gnutlsrnd can fail and give predictable random values. CVE-2022-1615 Note that Nessus has not tested for this issue but has instead relied on...

Mageia: Security Advisory (MGASA-2023-0067)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : gnutls (EulerOS-SA-2023-1953)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-1953)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : gnutls (EulerOS-SA-2023-1975)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2023-1975)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

samba: GnuTLS gnutls_rnd() can fail and give predictable random values

A flaw was found in Samba. When the gnutlsrnd function is called, its return value is not verified, allowing it to give predictable random values when the call to the gnutlsrnd function fails...

Low: Red Hat Security Advisory: samba security, bug fix, and enhancement update

An update for evolution-mapi, openchange, and samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...