| |||||||||||||||||||
Mageia alert MGASA-2013-0050 (gnutls)
MGASA-2013-0050 Date: February 13th, 2013 Affected releases: 2 Media: Core Description: Nadhem Alfardan and Kenny Paterson devised an attack that recovers some bits of the plaintext of a GnuTLS session that utilizes that CBC ciphersuites, by using timing information (CVE-2013-1619). The gnutls package has been updated to latest 3.0.28 version to fix above problem. Updated Packages: i586: gnutls-3.0.28-3.mga2.i586.rpm libgnutls28-3.0.28-3.mga2.i586.rpm libgnutls-devel-3.0.28-3.mga2.i586.rpm libgnutls-ssl27-3.0.28-3.mga2.i586.rpm gnutls-debug-3.0.28-3.mga2.i586.rpm libtasn1_3-2.14-1.mga2.i586.rpm libtasn1-devel-2.14-1.mga2.i586.rpm libtasn1-tools-2.14-1.mga2.i586.rpm libtasn1-debug-2.14-1.mga2.i586.rpm x86_64: gnutls-3.0.28-3.mga2.x86_64.rpm lib64gnutls28-3.0.28-3.mga2.x86_64.rpm lib64gnutls-devel-3.0.28-3.mga2.x86_64.rpm lib64gnutls-ssl27-3.0.28-3.mga2.x86_64.rpm gnutls-debug-3.0.28-3.mga2.x86_64.rpm lib64tasn1_3-2.14-1.mga2.x86_64.rpm lib64tasn1-devel-2.14-1.mga2.x86_64.rpm libtasn1-tools-2.14-1.mga2.x86_64.rpm libtasn1-debug-2.14-1.mga2.x86_64.rpm SRPMS: gnutls-3.0.28-3.mga2.src.rpm libtasn1-2.14-1.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619 http://article.gmane.org/gmane.comp.encryption.gpg.gnutls... https://bugs.mageia.org/show_bug.cgi?id=9038 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||