GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Mon Jun 22, 2015 10:26 pm Post subject: [ GLSA 201506-03 ] GnuTLS |
|
|
Gentoo Linux Security Advisory
Title: GnuTLS: Multiple vulnerabilities (GLSA 201506-03)
Severity: normal
Exploitable: local, remote
Date: June 22, 2015
Bug(s): #546760, #548636
ID: 201506-03
Synopsis
Multiple vulnerabilities have been fixed in GnuTLS, the worst of
which can cause Denial of Service
Background
GnuTLS is an Open Source implementation of the TLS and SSL protocols.
Affected Packages
Package: net-libs/gnutls
Vulnerable: < 3.3.15
Unaffected: >= 3.3.15
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in GnuTLS. Please review
the CVE identifiers and external references below for details.
Impact
A context-dependent attacker can cause a denial of service condition.
Workaround
There is no known workaround at this time.
Resolution
All GnuTLS users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/gnutls-3.3.15"
|
References
CVE-2015-3308
GNUTLS-SA-2015-2
|
|