Описание
Security update for gnutls
This update for gnutls fixes the following issues:
- CVE-2021-20232: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183456).
- CVE-2021-20231: Fixed a use after free issue which could have led to memory corruption and other potential consequences (bsc#1183457).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
gnutls-3.6.7-lp152.9.9.1
gnutls-guile-3.6.7-lp152.9.9.1
libgnutls-dane-devel-3.6.7-lp152.9.9.1
libgnutls-dane0-3.6.7-lp152.9.9.1
libgnutls-devel-3.6.7-lp152.9.9.1
libgnutls-devel-32bit-3.6.7-lp152.9.9.1
libgnutls30-3.6.7-lp152.9.9.1
libgnutls30-32bit-3.6.7-lp152.9.9.1
libgnutls30-hmac-3.6.7-lp152.9.9.1
libgnutls30-hmac-32bit-3.6.7-lp152.9.9.1
libgnutlsxx-devel-3.6.7-lp152.9.9.1
libgnutlsxx28-3.6.7-lp152.9.9.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0470-1
- SUSE Security Ratings
- SUSE Bug 1183456
- SUSE Bug 1183457
- SUSE CVE CVE-2021-20231 page
- SUSE CVE CVE-2021-20232 page
Описание
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
Затронутые продукты
openSUSE Leap 15.2:gnutls-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:gnutls-guile-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:libgnutls-dane-devel-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:libgnutls-dane0-3.6.7-lp152.9.9.1
Ссылки
- CVE-2021-20231
- SUSE Bug 1183457
Описание
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
Затронутые продукты
openSUSE Leap 15.2:gnutls-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:gnutls-guile-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:libgnutls-dane-devel-3.6.7-lp152.9.9.1
openSUSE Leap 15.2:libgnutls-dane0-3.6.7-lp152.9.9.1
Ссылки
- CVE-2021-20232
- SUSE Bug 1183456