Lucene search

K
suseSuseSUSE-SU-2014:0758-1
HistoryJun 05, 2014 - 3:04 a.m.

Security update for gnutls (important)

2014-06-0503:04:15
lists.opensuse.org
22

0.755 High

EPSS

Percentile

97.8%

GnuTLS has been patched to ensure proper parsing of session ids during the
TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have
been fixed.

Further information is available at
<a href=“http://www.gnutls.org/security.html#GNUTLS-SA-2014-3”>http://www.gnutls.org/security.html#GNUTLS-SA-2014-3</a>
<<a href=“http://www.gnutls.org/security.html#GNUTLS-SA-2014-3”>http://www.gnutls.org/security.html#GNUTLS-SA-2014-3</a>>

These security issues have been fixed:

   * Possible memory corruption during connect (CVE-2014-3466)
   * Multiple boundary check issues could allow DoS (CVE-2014-3467)
   * asn1_get_bit_der() can return negative bit length (CVE-2014-3468)
   * Possible DoS by NULL pointer dereference (CVE-2014-3469)

0.755 High

EPSS

Percentile

97.8%

Related for SUSE-SU-2014:0758-1