Описание
ELSA-2017-0574: gnutls security, bug fix, and enhancement update (MODERATE)
[2.12.23-21]
- Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes (#1326389, #1326073, #1323215, #1320982, #1328205, #1321112)
- Modified gnutls-serv to accept --sni-hostname (#1333521)
- Modified gnutls-serv to always reply with an alert message (#1327656)
- Removed support for DSA2 as it causes interoperability issues (#1321112)
- Allow sending and receiving certificates which were not in the signature algorithms extension (#1328205)
- Removed support for EXPORT ciphersuites (#1337460)
- Raised the minimum acceptable DH size to 1024 (#1335924)
- Restricted the number of alert that can be received during handshake (#1388730)
- Added fixes for OpenPGP parsing issues (CVE-2017-5337, CVE-2017-5336, CVE-2017-5335)
- The exposed (but internal) crypto back-end registration API is deprecated and no longer functional. The ABI is kept compatible (#1415682)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
gnutls
2.12.23-21.el6
gnutls-devel
2.12.23-21.el6
gnutls-guile
2.12.23-21.el6
gnutls-utils
2.12.23-21.el6
Oracle Linux i686
gnutls
2.12.23-21.el6
gnutls-devel
2.12.23-21.el6
gnutls-guile
2.12.23-21.el6
gnutls-utils
2.12.23-21.el6
Oracle Linux sparc64
gnutls
2.12.23-21.el6
gnutls-devel
2.12.23-21.el6
gnutls-guile
2.12.23-21.el6
gnutls-utils
2.12.23-21.el6
Связанные CVE
Связанные уязвимости
oracle-oval
почти 8 лет назад
ELSA-2017-2292: gnutls security, bug fix, and enhancement update (MODERATE)
CVSS3: 9.8
ubuntu
больше 8 лет назад
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.