SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2019:1351-2)

This update for gnutls fixes the following issues : Security issue fixed : CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed: Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856. Note that...

EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1676)

According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of 'Just in...

SUSE-SU-2019:1351-2 Security update for gnutls

This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856...

EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2019-1649)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way gnutls handled malformed TLS 1.3 asynchronous messages. An attacker could use this flaw to crash an application...

Photon OS 2.0: Gnutls PHSA-2019-2.0-0152

An update of the gnutls package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0152. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid12621...

USN-3999-1: GnuTLS vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the “Lucky Thirteen” issue. A remote attacker could...

Ubuntu 16.04 LTS / 18.04 LTS : GnuTLS vulnerabilities (USN-3999-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3999-1 advisory. Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side- channel attack known as the Lucky...

openSUSE: Security Advisory for gnutls (openSUSE-SU-2019:1477-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[ASA-201905-13] lib32-libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201905-13 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5435 CVE-2019-5436 Package : lib32-libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-961 Summary ======= The...

openSUSE Security Update : gnutls (openSUSE-2019-1477)

This update for gnutls fixes the following issues : Security issue fixed : - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed : - Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856. This upda...

[ASA-201905-12] libcurl-gnutls: arbitrary code execution

Arch Linux Security Advisory ASA-201905-12 ========================================== Severity: High Date : 2019-05-31 CVE-ID : CVE-2019-5436 Package : libcurl-gnutls Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-960 Summary ======= The package...

USN-3999-1: GnuTLS vulnerabilities

Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected...

USN-3999-1 gnutls28 vulnerabilities

Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected...

OPENSUSE-SU-2019:1477-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856. This update...

Security update for gnutls (important)

openSUSE Security Update: Security update for gnutls Announcement ID: openSUSE-SU-2019:1477-1 Rating: important References: 1118087 1134856 Cross-References: CVE-2018-16868 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2019:1351-1)

This update for gnutls fixes the following issues : Security issue fixed : CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed: Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856. Note that...

SUSE-SU-2019:1351-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS1 v1.5 verification bsc1118087. Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors bsc1134856...

SUSE-SU-2019:14058-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issues fixed: - CVE-2018-10846: Improve mitigations against Lucky 13 class of attacks PRIME + PROBE bsc1105460. - CVE-2017-10790: Fixed a denial of service in the asn1checkidentifier function bsc1047002...

Photon OS 1.0: Gnutls PHSA-2019-1.0-0224

An update of the gnutls package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0224. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid12508...

EulerOS Virtualization for ARM 64 3.0.1.0 : gnutls (EulerOS-SA-2019-1388)

According to the versions of the gnutls packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote...