Description
Security update for gnutls
This update for gnutls fixes the following issues:
- GNUTLS-SA-2017-3 / CVE-2017-7869: An out-of-bounds write in OpenPGP certificate decoding was fixed (bsc#1034173)
- CVE-2017-6891: A potential stack buffer overflow in the bundled libtasn1 was fixed (bsc#1040621)
- An address read of 4 bytes past the end of buffer in OpenPGP certificate parsing was fixed (bsc#1038337)
Package list
SUSE Linux Enterprise High Availability Extension 11 SP4
libgnutls-extra26-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4
gnutls-2.4.1-24.39.70.1
libgnutls-extra26-2.4.1-24.39.70.1
libgnutls26-2.4.1-24.39.70.1
libgnutls26-32bit-2.4.1-24.39.70.1
libgnutls26-x86-2.4.1-24.39.70.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
gnutls-2.4.1-24.39.70.1
libgnutls-extra26-2.4.1-24.39.70.1
libgnutls26-2.4.1-24.39.70.1
libgnutls26-32bit-2.4.1-24.39.70.1
libgnutls26-x86-2.4.1-24.39.70.1
SUSE Linux Enterprise Software Development Kit 11 SP4
libgnutls-devel-2.4.1-24.39.70.1
libgnutls-extra-devel-2.4.1-24.39.70.1
libgnutls-extra26-2.4.1-24.39.70.1
References
- Link for SUSE-SU-2017:1886-1
- E-Mail link for SUSE-SU-2017:1886-1
- SUSE Security Ratings
- SUSE Bug 1034173
- SUSE Bug 1038337
- SUSE Bug 1040621
- SUSE CVE CVE-2017-6891 page
- SUSE CVE CVE-2017-7869 page
Description
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stack-based buffer overflow by tricking a user into processing a specially crafted assignments file via, e.g., the asn1Coding utility.
Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.70.1
References
- CVE-2017-6891
- SUSE Bug 1040621
- SUSE Bug 1049210
- SUSE Bug 1149679
Description
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
Affected products
SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.70.1
SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.70.1
References
- CVE-2017-7869
- SUSE Bug 1034173
- SUSE Bug 1038337
- SUSE Bug 1049210
- SUSE Bug 1149679