
SUSE-SU-2017:0304-1

Published: 27 Jan 2017
Source: suse-cvrf

Description

Security update for gnutls

This update for gnutls fixes the following issues:

  • Malformed asn1 definitions could cause a segmentation fault in the asn1 definition parser (bsc#961491).
  • CVE-2016-8610: Remote denial of service in SSL alert handling (bsc#1005879).
  • CVE-2017-5335: Decoding a specially crafted OpenPGP certificate could have led to heap and stack overflows (bsc#1018832).
  • CVE-2017-5336: Decoding a specially crafted OpenPGP certificate could have led to heap and stack overflows (bsc#1018832).
  • CVE-2017-5337: Decoding a specially crafted OpenPGP certificate could have led to heap and stack overflows (bsc#1018832).

Package list

SUSE Linux Enterprise High Availability Extension 11 SP4
libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4
gnutls-2.4.1-24.39.67.1
libgnutls-extra26-2.4.1-24.39.67.1
libgnutls26-2.4.1-24.39.67.1
libgnutls26-32bit-2.4.1-24.39.67.1
libgnutls26-x86-2.4.1-24.39.67.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
gnutls-2.4.1-24.39.67.1
libgnutls-extra26-2.4.1-24.39.67.1
libgnutls26-2.4.1-24.39.67.1
libgnutls26-32bit-2.4.1-24.39.67.1
libgnutls26-x86-2.4.1-24.39.67.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libgnutls-devel-2.4.1-24.39.67.1
libgnutls-extra-devel-2.4.1-24.39.67.1
libgnutls-extra26-2.4.1-24.39.67.1

Description

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.


Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.67.1

Description

The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error and crash) via a crafted OpenPGP certificate.


Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.67.1

Description

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.


Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.67.1

Description

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.


Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.67.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.67.1
