EulerOS Virtualization 2.5.1 : libtasn1 (EulerOS-SA-2018-1335)

According to the version of the libtasn1 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Two errors in the 'asn1findnode' function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-2)

This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

SUSE-SU-2018:2825-2 Security update for gnutls

This update for gnutls fixes the following issues: This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

openSUSE Security Update : gnutls (openSUSE-2018-1092)

This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirtee...

Security update for gnutls (moderate)

This update for gnutls fixes the following security issues: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen...

SUSE-SU-2018:2930-1 Security update for gnutls

This update for gnutls fixes the following security issues: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen...

openSUSE Security Update : gnutls (openSUSE-2018-1049)

This update for gnutls fixes the following issues : Security issues fixed : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable t...

openSUSE: Security Advisory for gnutls (openSUSE-SU-2018:2854-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for gnutls (moderate)

This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to...

SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2018:2842-1)

This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846, bsc1105460 - HMAC-SHA-384 vulnerable to Lucky thirteen...

SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-1)

This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

SUSE-SU-2018:2842-1 Security update for gnutls

This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846, bsc1105460 - HMAC-SHA-384 vulnerable to Lucky thirteen...

SUSE-SU-2018:2825-1 Security update for gnutls

This update for gnutls fixes the following issues: This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery CVE-2018-10846,...

DEBIAN-CVE-2016-1000030

Pidgin version 2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutlsx509crtinit and gnutlsx509crtimport that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client...

CVE-2016-1000030

Pidgin version 2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutlsx509crtinit and gnutlsx509crtimport that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client...

CVE-2016-1000030

Pidgin version 2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutlsx509crtinit and gnutlsx509crtimport that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client...

CVE-2016-1000030

Pidgin version 2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutlsx509crtinit and gnutlsx509crtimport that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client...

gnutls/gnutls_pkcs12_key_parser_fuzzer: Use-of-uninitialized-value in _pkcs12_decode_safe_contents

Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=5762063012462592 Project: gnutls Fuzzer: libFuzzergnutlspkcs12keyparserfuzzer Fuzz target binary: gnutlspkcs12keyparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...

gnutls/gnutls_pkcs8_key_parser_fuzzer: Use-of-uninitialized-value in read_pbkdf2_params

Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=5642279797129216 Project: gnutls Fuzzer: libFuzzergnutlspkcs8keyparserfuzzer Fuzz target binary: gnutlspkcs8keyparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...

gnutls/gnutls_pkcs12_key_parser_fuzzer: Use-of-uninitialized-value in _decode_pkcs12_auth_safe

Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=5756813052477440 Project: gnutls Fuzzer: libFuzzergnutlspkcs12keyparserfuzzer Fuzz target binary: gnutlspkcs12keyparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...