Download
| Alert*
oval:org.secpod.oval:def:89050557
This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification . Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors . oval:org.secpod.oval:def:89050585 This update for gnutls fixes to version 3.6.7 the following issues: Security issued fixed: - CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages . - CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API . - CVE-2018-16868: Fixed Bleichenb ... oval:org.secpod.oval:def:89050674 This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification . Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors . oval:org.secpod.oval:def:1900113 A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade an ... oval:org.secpod.oval:def:2001094 A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade an ... oval:org.secpod.oval:def:115741 GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other ... oval:org.secpod.oval:def:115656 GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other ... |