[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2013:0588-01 -- Redhat gnutls

ID: oval:org.secpod.oval:def:501008Date: (C)2013-03-09   (M)2023-12-07
Class: PATCHFamily: unix




The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security . It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. Users of GnuTLS are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted, or the system rebooted.

Platform:
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Product:
gnutls
Reference:
RHSA-2013:0588-01
CVE-2013-1619
CVE    1
CVE-2013-1619
CPE    121
cpe:/a:gnu:gnutls:2.0.4
cpe:/a:gnu:gnutls:2.4.0
cpe:/a:gnu:gnutls:2.0.3
cpe:/a:gnu:gnutls:2.0.2
...

© SecPod Technologies