4556 matches found
gnutls: Heap-use-after-free in _gnutls_buffer_append_printf
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6643160214142976 Project: gnutls Fuzzer: libFuzzergnutlsx509parserfuzzer Job Type: libfuzzerasangnutls Platform Id: linux Crash Type: Heap-use-after-free READ 2 Crash Address:...
Fedora Update for gnutls FEDORA-2016-cafdfdf58c
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2016-a1e5b2331a
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mingw-gnutls FEDORA-2016-762cb57c92
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : mingw-gnutls / mingw-nettle (2016-762cb57c92)
Nettle 3.3: https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00003.html GnuTLS 3.5.5: https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
[SECURITY] Fedora 25 Update: mingw-gnutls-3.5.5-2.fc25
GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...
Fedora 25 : gnutls (2016-cafdfdf58c)
New upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 25 : mingw-gnutls (2016-a1e5b2331a)
https://lists.gnupg.org/pipermail/gnutls-devel/2016-September/008153.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
[ASA-201611-9] libcurl-gnutls: multiple issues
Arch Linux Security Advisory ASA-201611-9 ========================================= Severity: High Date : 2016-11-03 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8619 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : libcurl-gnutls Type : multiple issu...
MGASA-2016-0326 Updated gnutls packages fix security vulnerability
An issue was found in certificate validation using OCSP responses caused by not verifying the serial length, which can falsely report a certificate as valid CVE-2016-7444...
Updated gnutls packages fix security vulnerability
An issue was found in certificate validation using OCSP responses caused by not verifying the serial length, which can falsely report a certificate as valid CVE-2016-7444...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
ALPINE-CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
Design/Logic Flaw
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...
UBUNTU-CVE-2016-7444
The gnutlsocsprespcheckcrt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCSP response, which might allow remote attackers to bypass an intended certificate validation mechanism via vectors involving trailing bytes left by...