|
|
Subscribe / Log in / New account

gnutls: code execution

Package(s):gnutls26 CVE #(s):CVE-2014-3466
Created:June 2, 2014 Updated:July 24, 2014
Description: From the Debian advisory:

Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial or service.

This Red Hat bug report has some more information.

Alerts:
Mandriva MDVSA-2015:072 gnutls 2015-03-27
Oracle ELSA-2014-0684 gnutls 2014-07-23
SUSE SUSE-SU-2014:0800-1 GnuTLS 2014-06-16
Fedora FEDORA-2014-6963 mingw-gnutls 2014-06-10
Fedora FEDORA-2014-6953 mingw-gnutls 2014-06-10
Fedora FEDORA-2014-6881 gnutls 2014-06-10
Slackware SSA:2014-156-01 gnutls 2014-06-05
openSUSE openSUSE-SU-2014:0767-1 gnutls 2014-06-06
openSUSE openSUSE-SU-2014:0763-1 gnutls 2014-06-06
SUSE SUSE-SU-2014:0758-1 gnutls 2014-06-05
Scientific Linux SLSA-2014:0595-1 gnutls 2014-06-03
Scientific Linux SLSA-2014:0594-1 gnutls 2014-06-03
Oracle ELSA-2014-0594 gnutls 2014-06-03
Oracle ELSA-2014-0595 gnutls 2014-06-03
Fedora FEDORA-2014-6891 gnutls 2014-06-04
CentOS CESA-2014:0594 gnutls 2014-06-04
CentOS CESA-2014:0595 gnutls 2014-06-04
Red Hat RHSA-2014:0595-01 gnutls 2014-06-03
Red Hat RHSA-2014:0594-01 gnutls 2014-06-03
Mageia MGASA-2014-0248 gnutls 2014-06-02
Ubuntu USN-2229-1 gnutls26 2014-06-02
Debian DSA-2944-1 gnutls26 2014-06-01
Mandriva MDVSA-2014:109 gnutls 2014-06-09
Mandriva MDVSA-2014:108 gnutls 2014-06-09
SUSE SUSE-SU-2014:0788-2 GnuTLS 2014-06-13
Gentoo 201406-09 gnutls 2014-06-13
SUSE SUSE-SU-2014:0758-2 GnuTLS 2014-06-13
SUSE SUSE-SU-2014:0788-1 GnuTLS 2014-06-13
Red Hat RHSA-2014:0684-01 gnutls 2014-06-10
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds