logo
DATABASE RESOURCES PRICING ABOUT US

GnuTLS vulnerabilities

Description

## Releases * Ubuntu 11.10 * Ubuntu 11.04 * Ubuntu 10.10 * Ubuntu 10.04 * Ubuntu 8.04 ## Packages * gnutls13 \- the GNU TLS library - commandline utilities * gnutls26 \- the GNU TLS library - commandline utilities Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption. (CVE-2011-4128) Matthew Hall discovered that the GnuTLS library incorrectly handled TLS records. A remote attacker could crash client and server applications, leading to a denial of service, by sending a crafted TLS record. (CVE-2012-1573)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 8.04 libgnutls13 2.0.4-1ubuntu2.7
Ubuntu 11.10 libgnutls26 2.10.5-1ubuntu3.1
Ubuntu 11.04 libgnutls26 2.8.6-1ubuntu2.1
Ubuntu 10.10 libgnutls26 2.8.6-1ubuntu0.1
Ubuntu 10.04 libgnutls26 2.8.5-2ubuntu0.1

Related