Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2013-242-03
HistoryAug 30, 2013 - 8:25 p.m.

[slackware-security] gnutls

2013-08-3020:25:45
Slackware Linux Project
www.slackware.com
18

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.8%

JSON

New gnutls packages are available for Slackware 14.0 and -current to fix a
security issue.

Sorry about having to reissue this one – I pulled it from ftp.gnu.org not
realizing that the latest version there was actually months out of date.

Here are the details from the Slackware 14.0 ChangeLog:

patches/packages/gnutls-3.0.31-i486-1_slack14.0.txz: Upgraded.
[Updated to the correct version to fix fetching the “latest” from gnu.org]
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
For more information, see:
https://vulners.com/cve/CVE-2013-1619
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnutls-3.0.31-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnutls-3.0.31-x86_64-1_slack14.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-3.0.31-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnutls-3.0.31-x86_64-1.txz

MD5 signatures:

Slackware 14.0 package:
deffffdf6b2a432a11fde60237892407 gnutls-3.0.31-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
7c035da64b6f6b981b9479a49944257f gnutls-3.0.31-x86_64-1_slack14.0.txz

Slackware -current package:
66c5b3d438a7833f5ff1266c2f11a816 n/gnutls-3.0.31-i486-1.txz

Slackware x86_64 -current package:
f09cf7bd0ab4f89212ab10aaef495fa1 n/gnutls-3.0.31-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg gnutls-3.0.31-i486-1_slack14.0.txz

Related

nessus 26
fedora 9
openvas 48
centos 2
securityvulns 2
ubuntu 1
oraclelinux 4
amazon 2
slackware 2
redhat 4
veracode 1
ubuntucve 1
f5 2
prion 1
suse 4
gentoo 1
debiancve 1
cve 1
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : gnutls13, gnutls26 vulnerability (USN-1752-1)
2013-02-28 00:00:00
Fedora 18 : gnutls-2.12.23-1.fc18 (2013-2892)
2013-03-06 00:00:00
Slackware 14.0 / current : gnutls (SSA:2013-242-03)
2013-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: gnutls-2.12.23-1.fc18
2013-03-05 23:27:08
[SECURITY] Fedora 17 Update: gnutls-2.12.23-1.fc17
2013-03-12 23:33:08
[SECURITY] Fedora 18 Update: mingw-gnutls-2.12.23-1.fc18
2013-03-14 02:58:28
openvas
openvas
Fedora Update for mingw-gnutls FEDORA-2013-2110
2013-02-18 00:00:00
Fedora Update for mingw-gnutls FEDORA-2013-3453
2013-03-15 00:00:00
CentOS Update for gnutls CESA-2013:0588 centos6
2013-03-12 00:00:00
centos
centos
gnutls security update
2013-03-04 22:46:23
gnutls security update
2013-05-30 18:50:13
securityvulns
securityvulns
[USN-1752-1] GnuTLS vulnerability
2013-03-02 00:00:00
OpenSSL / PolarSSL / GnuTLS security vulnerabilities
2013-03-02 00:00:00
ubuntu
ubuntu
GnuTLS vulnerability
2013-02-27 00:00:00
oraclelinux
oraclelinux
gnutls security update
2013-03-04 00:00:00
gnutls security update
2013-05-30 00:00:00
gnutls security update
2014-03-03 00:00:00
amazon
amazon
Medium: gnutls
2013-03-14 22:04:00
Important: gnutls
2013-06-11 22:44:00
slackware
slackware
[slackware-security] gnutls
2013-08-30 07:46:14
[slackware-security] gnutls
2013-10-15 00:18:30
redhat
redhat
(RHSA-2013:0588) Moderate: gnutls security update
2013-03-04 00:00:00
(RHSA-2013:0883) Important: gnutls security update
2013-05-30 00:00:00
(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update
2013-03-13 00:00:00
veracode
veracode
Information Leakage
2019-01-15 08:58:55
ubuntucve
ubuntucve
CVE-2013-1619
2013-02-08 00:00:00
f5
f5
SOL15721 - GnuTLS vulnerability CVE-2013-1619
2014-10-23 00:00:00
K15721 : GnuTLS vulnerability CVE-2013-1619
2014-10-23 00:00:00
prion
prion
Design/Logic Flaw
2013-02-08 19:55:00
suse
suse
gnutls (critical)
2014-03-08 19:04:13
Security update for gnutls (critical)
2014-03-04 01:07:15
Security update for GnuTLS (important)
2014-06-16 18:04:14
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2013-10-28 00:00:00
debiancve
debiancve
CVE-2013-1619
2013-02-08 19:55:00
cve
cve
CVE-2013-1619
2013-02-08 19:55:00

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

0.004 Low

EPSS

Percentile

74.8%

JSON
Related for SSA-2013-242-03
nessus26fedora9openvas48centos2securityvulns2ubuntu1oraclelinux4amazon2slackware2redhat4veracode1ubuntucve1f52prion1suse4gentoo1debiancve1cve1