Описание
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gnutls28 | fixed | 3.6.7-1 | experimental | package |
| gnutls28 | fixed | 3.6.7-2 | package | |
| gnutls28 | not-affected | stretch | package | |
| gnutls28 | not-affected | jessie | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1678411
https://gitlab.com/gnutls/gnutls/issues/704
https://gitlab.com/gnutls/gnutls/commit/96e07075e8f105b13e76b11e493d5aa2dd937226
https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27
Upstream versions affected are 3.6.4 and later before 3.6.7
Связанные уязвимости
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
Уязвимость криптографической библиотеки GnuTLS, связанная с доступом к неинициализированному указателю, позволяющая нарушителю вызвать отказ в обслуживании