Mageia alert MGASA-2014-0248 (gnutls)

From:
    	     
 
Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	     
 
updates-announce@ml.mageia.org 
Subject:
    	     
 
[updates-announce] MGASA-2014-0248: Updated gnutls packages fix CVE-2104-3465-6 
Date:
    	     
 
Mon, 2 Jun 2014 20:47:32 +0200
Message-ID:
    	     
 
<20140602184732.77B1D52CE2@valstar.mageia.org>
MGASA-2014-0248 - Updated gnutls packages fix CVE-2104-3465-6

Publication date: 02 Jun 2014
URL: http://advisories.mageia.org/MGASA-2014-0248.html
Type: security
Affected Mageia releases: 3, 4
CVE: CVE-2014-3465,
     CVE-2014-3466

Description:
Updated gnutls packages fix security vulnerabilities:

A NULL pointer dereference flaw was discovered in GnuTLS's
gnutls_x509_dn_oid_name().  The function, when called with the
GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller.
However, it could previously return NULL when parsed X.509 certificates
included specific OIDs (CVE-2014-3465).

A flaw was found in the way GnuTLS parsed session ids from Server Hello
packets of the TLS/SSL handshake.  A malicious server could use this flaw to
send an excessively long session id value and trigger a buffer overflow in a
connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly,
execute arbitrary code (CVE-2014-3466).

References:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3465
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3466
- http://www.gnutls.org/security.html#GNUTLS-SA-2014-3
- https://bugs.mageia.org/show_bug.cgi?id=13457
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466

SRPMS:
- 4/core/gnutls-3.2.7-1.3.mga4
- 3/core/gnutls-3.1.16-1.3.mga3