Slackware 14.0 / 14.1 / 14.2 / current : gnutls (SSA:2017-011-02)
New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-011-02. The text itself is...
CVE-2017-5337
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate...
CVE-2017-5336
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...
CVE-2017-5335
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate...
CVE-2017-5334
A double-free flaw was found in the way GnuTLS parsed certain X.509 certificates with Proxy Certificate Information extension. An attacker could create a specially-crafted certificate which, when processed by an application compiled against GnuTLS, could cause that application to crash...
UBUNTU-CVE-2017-5334
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension...
UBUNTU-CVE-2017-5336
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...
UBUNTU-CVE-2017-5335
The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate...
CVE-2017-5334
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension...
UBUNTU-CVE-2017-5337
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate...
FreeBSD : GnuTLS -- Memory corruption vulnerabilities (0c5369fc-d671-11e6-a9a5-b499baebfeaf)
The GnuTLS project reports: - It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted OpenPGP certificate could lead to heap and stack overflows. GNUTLS-SA-2017-2 - It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted X.509...
GnuTLS -- Memory corruption vulnerabilities
The GnuTLS project reports: It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted OpenPGP certificate could lead to heap and stack overflows. GNUTLS-SA-2017-2 It was found using the OSS-FUZZ fuzzer infrastructure that decoding a specially crafted X.509 certificat...
gnutls: Heap-buffer-overflow in read_attribute
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4915014171361280 Project: gnutls Fuzzer: libFuzzer_gnutls_openpgp_cert_parser_fuzzer Fuzz target binary: gnutls_openpgp_cert_parser_fuzzer Job Type: libfuzzer_asan_gnutls Platform Id: linux...
[ASA-201701-11] lib32-libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201701-11 ========================================== Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-117 Summary ======= The packag...
[ASA-201701-8] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201701-8 ========================================= Severity: Medium Date : 2017-01-03 CVE-ID : CVE-2016-9586 CVE-2016-9594 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-114 Summary ======= The package...
gnutls: Heap-buffer-overflow in _cdk_buftou32
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5547832371052544 Project: gnutls Fuzzer: libFuzzer_gnutls_openpgp_cert_parser_fuzzer Fuzz target binary: gnutls_openpgp_cert_parser_fuzzer Job Type: libfuzzer_asan_gnutls Platform Id: linux...
gnutls: Stack-buffer-overflow in cdk_pk_get_keyid
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6746150208012288 Project: gnutls Fuzzer: libFuzzer_gnutls_openpgp_cert_parser_fuzzer Fuzz target binary: gnutls_openpgp_cert_parser_fuzzer Job Type: libfuzzer_asan_gnutls Platform Id: linux...