
SUSE-SU-2015:1526-1

Published: 14 Aug 2015
Source: suse-cvrf

Description

Security update for gnutls

This security update of gnutls fixes the following issues:

  • use minimal padding for CBC; the default random-length padding causes problems with some servers (bsc#925499)
    • added gnutls-use_minimal_cbc_padding.patch
  • use the default DH minimum for gnutls-cli instead of hardcoding 512
    • CVE-2015-4000 (Logjam) (bsc#932026)
    • added gnutls-CVE-2015-4000-logjam-use_the_default_DH_min_for_cli.patch

Package list

SUSE Linux Enterprise Desktop 11 SP3
gnutls-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
SUSE Linux Enterprise Desktop 11 SP4
gnutls-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
SUSE Linux Enterprise High Availability Extension 11 SP3
libgnutls-extra26-2.4.1-24.39.57.1
SUSE Linux Enterprise High Availability Extension 11 SP4
libgnutls-extra26-2.4.1-24.39.57.1
SUSE Linux Enterprise Server 11 SP3
gnutls-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls26-x86-2.4.1-24.39.57.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
gnutls-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls26-x86-2.4.1-24.39.57.1
SUSE Linux Enterprise Server 11 SP4
gnutls-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls26-x86-2.4.1-24.39.57.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
gnutls-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls26-x86-2.4.1-24.39.57.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
gnutls-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libgnutls26-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls26-x86-2.4.1-24.39.57.1
SUSE Linux Enterprise Software Development Kit 11 SP3
libgnutls-devel-2.4.1-24.39.57.1
libgnutls-extra-devel-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libgnutls-devel-2.4.1-24.39.57.1
libgnutls-extra-devel-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1

Description

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
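The client-side defence behind the gnutls-cli change is to refuse a ServerKeyExchange whose DH prime falls below a minimum size. The sketch below is an added example, not GnuTLS code and not part of the advisory: it parses the TLS ServerDHParams structure (dh_p, dh_g, dh_Ys) and applies such a floor. The function names, the 1024-bit floor and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define MIN_DH_BITS 1024 /* assumed policy floor, not a value from the advisory */

/* Read one TLS opaque<1..2^16-1> vector (2-byte big-endian length, then body). */
static int read_vec16(const uint8_t *buf, size_t len, size_t *off,
                      const uint8_t **body, size_t *body_len) {
    if (len - *off < 2) return -1;                 /* length field truncated */
    size_t n = ((size_t)buf[*off] << 8) | buf[*off + 1];
    *off += 2;
    if (n == 0 || n > len - *off) return -1;       /* empty or overruns message */
    *body = buf + *off; *body_len = n; *off += n;
    return 0;
}

/* Bit length of a big-endian integer, ignoring leading zero bytes. */
static unsigned bit_length(const uint8_t *p, size_t n) {
    while (n > 0 && *p == 0) { p++; n--; }
    if (n == 0) return 0;
    unsigned bits = (unsigned)(n * 8);
    for (uint8_t top = *p; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* Returns the size of dh_p in bits; -1 if malformed; -2 if below min_bits. */
int check_server_dh_params(const uint8_t *msg, size_t len, unsigned min_bits) {
    const uint8_t *p, *g, *ys;
    size_t p_len, g_len, ys_len, off = 0;
    if (read_vec16(msg, len, &off, &p, &p_len) || read_vec16(msg, len, &off, &g, &g_len) ||
        read_vec16(msg, len, &off, &ys, &ys_len)) return -1;
    unsigned bits = bit_length(p, p_len);
    return bits >= min_bits ? (int)bits : -2;
}

/* Constructed sample: dh_p = p_bytes of 0xFF (filler, not a real prime), dh_g = 2, dh_Ys = 5. */
size_t build_sample(uint8_t *out, size_t p_bytes) {
    const uint8_t tail[] = {0, 1, 2, 0, 1, 5};
    size_t i = 0;
    out[i++] = (uint8_t)(p_bytes >> 8); out[i++] = (uint8_t)p_bytes;
    for (size_t k = 0; k < p_bytes; k++) out[i++] = 0xFF;
    for (size_t k = 0; k < sizeof tail; k++) out[i++] = tail[k];
    return i;
}

int main(void) {
    uint8_t msg[300];
    size_t n = build_sample(msg, 64);              /* 512-bit, export-grade size */
    printf("512-bit dh_p  -> %d\n", check_server_dh_params(msg, n, MIN_DH_BITS));
    n = build_sample(msg, 256);
    printf("2048-bit dh_p -> %d\n", check_server_dh_params(msg, n, MIN_DH_BITS));
    return 0;
}
```

With a floor of 512, the export-sized sample is accepted, which is why a hardcoded 512-bit minimum leaves a client open to the downgrade described above.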


Affected products
SUSE Linux Enterprise Desktop 11 SP3:gnutls-2.4.1-24.39.57.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-2.4.1-24.39.57.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-32bit-2.4.1-24.39.57.1
SUSE Linux Enterprise Desktop 11 SP4:gnutls-2.4.1-24.39.57.1

References
Vulnerability SUSE-SU-2015:1526-1