Описание
Security update for gnutls
This update for gnutls fixes the following security issues:
- CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568)
- CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828)
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
gnutls-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP4
gnutls-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
SUSE Linux Enterprise High Availability Extension 11 SP3
libgnutls-extra26-2.4.1-24.39.60.1
SUSE Linux Enterprise High Availability Extension 11 SP4
libgnutls-extra26-2.4.1-24.39.60.1
SUSE Linux Enterprise Server 11 SP3
gnutls-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
libgnutls26-x86-2.4.1-24.39.60.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
gnutls-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
libgnutls26-x86-2.4.1-24.39.60.1
SUSE Linux Enterprise Server 11 SP4
gnutls-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
libgnutls26-x86-2.4.1-24.39.60.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
gnutls-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
libgnutls26-x86-2.4.1-24.39.60.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
gnutls-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
libgnutls26-2.4.1-24.39.60.1
libgnutls26-32bit-2.4.1-24.39.60.1
libgnutls26-x86-2.4.1-24.39.60.1
SUSE Linux Enterprise Software Development Kit 11 SP3
libgnutls-devel-2.4.1-24.39.60.1
libgnutls-extra-devel-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libgnutls-devel-2.4.1-24.39.60.1
libgnutls-extra-devel-2.4.1-24.39.60.1
libgnutls-extra26-2.4.1-24.39.60.1
Ссылки
- Link for SUSE-SU-2016:0077-1
- E-Mail link for SUSE-SU-2016:0077-1
- SUSE Security Ratings
- SUSE Bug 924828
- SUSE Bug 947271
- SUSE Bug 957568
- SUSE CVE CVE-2015-2806 page
- SUSE CVE CVE-2015-8313 page
Описание
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:gnutls-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP4:gnutls-2.4.1-24.39.60.1
Ссылки
- CVE-2015-2806
- SUSE Bug 924828
- SUSE Bug 929414
- SUSE Bug 961491
- SUSE Bug 969208
Описание
GnuTLS incorrectly validates the first byte of padding in CBC modes
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:gnutls-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1
SUSE Linux Enterprise Desktop 11 SP4:gnutls-2.4.1-24.39.60.1
Ссылки
- CVE-2015-8313
- SUSE Bug 957568