OPENSUSE-SU-2020:0501-1 Security update for gmp, gnutls, libnettle

This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello bsc1168345 FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode...

Security update for gmp, gnutls, libnettle (moderate)

openSUSE Security Update: Security update for gmp, gnutls, libnettle Announcement ID: openSUSE-SU-2020:0501-1 Rating: moderate References: 1152692 1155327 1166881 1168345 Cross-References: CVE-2020-11501 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three...

Important Photon OS Security Update - PHSA-2020-0288

Updates of 'libgcrypt', 'yarn', 'python2', 'openvswitch', 'kubernetes', 'gnupg' packages of Photon OS have been released...

Denial Of Service (DoS)

gnutls is vulnerable to Denial Of Service DoS. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash...

Denial Of Service (DoS)

gnutls is vulnerable to Denial Of Service DoS. A flaw was found in the way GnuTLS decrypted malformed TLS records. This could cause a TLS/SSL client or server to crash when processing a specially-crafted TLS record from a remote TLS/SSL connection peer...

Denial Of Service (DoS)

gnutls is vulnerable to denial of service. A boundary error was found in the gnutlssessiongetdata function. A malicious TLS/SSL server could use this flaw to crash a TLS/SSL client or, possibly, execute arbitrary code as the client, if the client passed a fixed-sized buffer to gnutlssessiongetdat...

SUSE SLED15 / SLES15 Security Update : gmp, gnutls, libnettle (SUSE-SU-2020:0948-1)

This update for gmp, gnutls, libnettle fixes the following issues : Security issue fixed : CVE-2020-11501: Fixed zero random value in DTLS client hello bsc1168345 FIPS related bugfixes: FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode...

SUSE-SU-2020:0948-1 Security update for gmp, gnutls, libnettle

This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello bsc1168345 FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode...

Ubuntu: Security Advisory (USN-4322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-11501

A cryptographic weakness was found in the way DLTS implementation of GnuTLS, used zeros in place of random numbers. This flaw can break the security guarantee of the DTLS protocol...

USN-4322-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled randomness when performing DTLS negotiation. A remote attacker could possibly use this issue to obtain sensitive information, contrary to expectations...

GnuTLS Encryption Problem Vulnerability

GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols. An encryption issue vulnerability exists in versions prior to GnuTLS 3.6.13. The vulnerability stems from a network system or product that does not properly use the relevant cryptographic algorithms,...

Debian: Security Advisory (DSA-4652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4652-1] gnutls28 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4652-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 04, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4652-1] gnutls28 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4652-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 04, 2020 https://www.debian.org/security/faq -...

DEBIAN-CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...

UBUNTU-CVE-2020-11501

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...