gnutls -- client-side memory corruption

GnuTLS project reports: This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client...

GnuTLS Certificate Verification Policy Bypass (CVE-2014-0092)

A policy bypass vulnerability has been found in GnuTLS. The vulnerability is due to an error in validating certificates. A remote attacker can employ this vulnerability to bypass certificate validation performed by an application using a vulnerable version of the GnuTLS library...

TLS 1.3 Has Consensus to Deprectate RSA Key Transport

The IETF working group responsible for the TLS 1.3 standard is closing in on a decision to remove RSA key transport cipher suites from the protocol. Decades-old RSA-based handshakes don’t cut it anymore, according to experts, who are anxious to put a modern protocol in place, one that can fend of...

SOL15160 - GnuTLS vulnerability CVE-2014-0092

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. For affected ARX...

Important: Red Hat Security Advisory: rhev-hypervisor6 security update

An updated rhev-hypervisor6 package that fixes multiple security issues is now available. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for eac...

gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

Fedora Update for mingw-gnutls FEDORA-2014-3493

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mingw-gnutls FEDORA-2014-3454

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mingw-gnutls FEDORA-2014-3454

Check for the Version of mingw-gnutls OpenVAS Vulnerability Test Fedora Update for mingw-gnutls FEDORA-2014-3454 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Fedora 19 : mingw-gnutls-3.1.22-1.fc19 (2014-3493)

Version 3.1.22 released 2014-03-03 - libgnutls: Corrected certificate verification issue GNUTLS-SA-2014-2 - libgnutls: Corrected issue in gnutlspcertlistimportx509raw when provided with invalid data. Reported by Dmitriy Anisimkov. - libgnutls: Corrected timeout issue in subsequent to the first DT...

Fedora 20 : mingw-gnutls-3.1.22-1.fc20 (2014-3454)

Version 3.1.22 released 2014-03-03 - libgnutls: Corrected certificate verification issue GNUTLS-SA-2014-2 - libgnutls: Corrected issue in gnutlspcertlistimportx509raw when provided with invalid data. Reported by Dmitriy Anisimkov. - libgnutls: Corrected timeout issue in subsequent to the first DT...

Fedora Update for mingw-gnutls FEDORA-2014-3493

Check for the Version of mingw-gnutls OpenVAS Vulnerability Test Fedora Update for mingw-gnutls FEDORA-2014-3493 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 20 Update: mingw-gnutls-3.1.22-1.fc20

GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...

[SECURITY] Fedora 19 Update: mingw-gnutls-3.1.22-1.fc19

GnuTLS TLS/SSL encryption library. This library is cross-compiled for MinGW...

GnuTLS certificate validation bypass

Invalid error handling...

[ MDVSA-2014:048 ] gnutls

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:048 http://www.mandriva.com/en/support/security/ Package : gnutls Date : March 10, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated gnutls packages fix security...

gnutls: incorrect error handling in certificate verification (GNUTLS-SA-2014-2)

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

Important: Red Hat Security Advisory: gnutls security update

Updated gnutls packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.3, 5.6 and 6.2 Long Life, and Red Hat Enterprise Linux 5.9, 6.3 and 6.4 Extended Update Support. The Red Hat Security Response Team has rate...

SuSE Update for gnutls openSUSE-SU-2014:0328-1 (gnutls)

Check for the Version of gnutls OpenVAS Vulnerability Test $Id: gbsuse201403281.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for gnutls openSUSE-SU-2014:0328-1 gnutls Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program i...

openSUSE: Security Advisory for gnutls (openSUSE-SU-2014:0346-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...