4559 matches found
CVE-2017-7869
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10...
Integer overflow
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10...
CVE-2017-7869
GnuTLS contains a vulnerability CVE-2017-7869: an out-of-bounds write caused by an integer overflow and heap-based buffer overflow in cdk_pkt_read (opencdk/read-packet.c). This affects older GnuTLS before 2017-02-20 and is a subset of GNUTLS-SA-2017-3; the issue can crash the application (denial ...
UBUNTU-CVE-2017-7869
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10...
openSUSE: Security Advisory for pidgin (openSUSE-SU-2017:0973-1)
The remote host is missing an update for the...
Security update for pidgin (important)
This update for pidgin to version 2.12.0 fixes the following issues: This security issue was fixed: - CVE-2017-2640: Out of bounds memory read in purple_markup_unescape_entity (boo#1028835). These non-security issues were fixed: + libpurple: - Fix the use of uninitialised memory if running...
Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20170321)
The following packages have been upgraded to a later upstream version: gnutls 2.12.23. Security Fixes : - A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL...
Medium: gnutls
Issue Overview: A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...
USN-3183-2: GnuTLS vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that GnuTLS incorrectly handled certain OpenPGP certificates. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly...
BSA-2017-201
Security Advisory ID : BSA-2017-201 Component : OpenSSL Revision : 1.0: Interim It was found that function "ssl3_read_bytes" in ssl/s3_pkt.c might lead to higher CPU usage due to improper handling of warning packets. An attacker could repeat the undefined plaintext warning packets of "SSL3_AL_WARNING"...
Oracle Linux 6 : gnutls (ELSA-2017-0574)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0574 advisory. - Added fixes for OpenPGP parsing issues CVE-2017-5337, CVE-2017-5336, CVE-2017-5335 Tenable has extracted the preceding description block directly fro...
Oracle Linux 6 : tigervnc (ELSA-2017-0630)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0630 advisory. 1.1.0-24 - Proper global init/deinit of GnuTLS Resolves: bz1418946 1.1.0-23 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289...
OracleVM 3.3 / 3.4 : gnutls (OVMSA-2017-0054)
The remote OracleVM system is missing necessary patches to address critical security updates : - Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes 1326389, 1326073, 1323215, 1320982, 1328205, 1321112 - Modified gnutls-serv to accept --sni-hostname 1333521 - Modified gnutls-serv to always...
GnuTLS has multiple security vulnerabilities
GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols developed by Nikos Mavrogiannopoulos of Belgium and Simon Josefsson of Sweden, software developers. GnuTLS contains multiple security vulnerabilities that can be exploited by attackers to execute...
CentOS 6 : gnutls (CESA-2017:0574)
An update for gnutls is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
tigervnc security and bug fix update
1.1.0-24 - Proper global init/deinit of GnuTLS Resolves: bz1418946 1.1.0-23 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-22 - Fix buffer overflow in FullFramePixelBuffer::fillRect Resolves: bz1416289 1.1.0-21 - Enable DRI2 and DRI3 Resolves: bz1323065 1.1.0-20...