Fedora 21 : gnutls-3.3.17-1.fc21 (2015-13168)

updated to 3.3.17 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...

FreeBSD : gnutls -- MD5 downgrade in TLS signatures (3de36a19-429d-11e5-9daa-14dae9d210b8)

Karthikeyan Bhargavan reports : GnuTLS does not by default support MD5 signatures. Indeed the RSA-MD5 signature-hash algorithm needs to be explicitly enabled using the priority option VERIFYALLOWSIGNRSAMD5. In the NORMAL and SECURE profiles, GnuTLS clients do not offer RSA-MD5 in the signature...

FreeBSD : gnutls -- double free in certificate DN decoding (ec6a2a1e-429d-11e5-9daa-14dae9d210b8)

gnutls.org reports : Kurt Roeckx reported that decoding a specific certificate with very long DistinguishedName DN entries leads to double free, which may result to a denial of service. Since the DN decoding occurs in almost all applications using certificates it is recommended to upgrade the...

CVE-2014-8155

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

Design/Logic Flaw

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

CVE-2014-8155

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

CVE-2014-8155

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

CVE-2014-8155

GnuTLS before 2.9.10 does not verify CA certificate activation/expiration dates, enabling MITM via certificates not yet valid or no longer valid. Affected: GnuTLS library (pre-2.9.10). Mitigation: upgrade to 2.9.10 or later where the issue is fixed (per advisory references). If exploiting details...

SUSE-SU-2015:1526-1 Security update for gnutls

This security update of gnutls fixes the following issues: - use minimal padding for CBC, the default random length padding causes problems with some servers bsc925499 added gnutls-useminimalcbcpadding.patch - use the default DH minimum for gnutls-cli instead of hardcoding 512 CVE-2015-4000 Logja...

Fedora 22 : gnutls-3.3.17-1.fc22 (2015-13140)

updated to 3.3.17 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...

Fedora Update for gnutls FEDORA-2015-13140

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GnuTLS 'common.c' Denial of Service Vulnerability

GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols developed by Nikos Mavrogiannopoulos of Belgium and Simon Josefsson of Sweden, software developers. A denial of service vulnerability exists in GnuTLS, which can be exploited by attackers to cause a...

[SECURITY] Fedora 22 Update: gnutls-3.3.17-1.fc22

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

openSUSE Security Update : gnutls (openSUSE-2015-542)

fix for CVE-2015-3622 in bundled libtasn1 bsc929414 - invalid read in octet string - added gnutls-CVE-2015-3622.patch - fix for GNUTLS-SA-2015-2 bsc929690 - ServerKeyExchange signature issue - added gnutls-GNUTLS-SA-2015-2.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

Fedora 21 : xen-4.4.2-9.fc21 (2015-12714)

QEMU heap overflow flaw while processing certain ATAPI commands. XSA-138, CVE-2015-5154 1247142 rebuild efi grub.cfg if it is present 1239309, add gcc5 build fixes, one needed for the following patch, modify gnutls use in line with Fedora's crypto policies 117935 Note that Tenable Network Securit...

Fedora 22 : xen-4.5.1-5.fc22 (2015-12657)

QEMU heap overflow flaw while processing certain ATAPI commands. XSA-138, CVE-2015-5154 1247142 try again to fix xen-qemu-dom0-disk-backend.service 1242246 correct qemu location in xen-qemu-dom0-disk-backend.service 1242246, rebuild efi grub.cfg if it is present 1239309, re-enable remus by buildi...

[SECURITY] [DSA 3334-1] gnutls28 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3334-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 12, 2015 https://www.debian.org/security/faq -...

Amazon Linux AMI : gnutls (ALAS-2015-575)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

Medium: gnutls

Issue Overview: It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whethe...

Scientific Linux Security Update : gnutls on SL6.x i386/x86_64 (20150722)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...