drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in gnutls
Name: |
Ausführen beliebiger Kommandos in gnutls |
|
ID: |
FEDORA-2014-14760 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Fr, 14. November 2014, 08:21 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564 |
|
Applikationen: |
GNU Transport Layer Security Library |
|
Originalnachricht |
Name : gnutls Product : Fedora 20 Version : 3.1.28 Release : 1.fc20 URL : http://www.gnutls.org/ Summary : A TLS protocol implementation Description : GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures.
------------------------------------------------------------------------------- - Update Information:
Security fix for CVE-2014-8564 ------------------------------------------------------------------------------- - ChangeLog:
* Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.28-1 - new upstream release * Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.27-1 - new upstream release * Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.26-2 - removed rpath (#1132921) * Mon Aug 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.26-1 - new upstream release (#1088563) * Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.25-1 - new upstream release (#1103046) * Wed May 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.24-1 - new upstream release * Tue Apr 8 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.23-1 - fixes liberal wildcard expansion (#1085264) - fixes certtool generation of encrypted keys even without password (#1085272) * Thu Feb 27 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.20-4 - fixes CVE-2014-0092 (#1071795) * Fri Feb 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.20-3 - Fix CVE-2014-1959 (#1065094) * Mon Feb 3 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.20-1 - new upstream release - Fixed issue with gnutls.info not being available - Compile with trousers - Pulled fix from upstream for illegal supported-ecc extension (#1060411) * Thu Jan 2 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.18-3 - Applied complete patch from (#1046672) * Thu Jan 2 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.18-2 - Applied fix in suiteb patch to prevent crash in multiple deinitializations (#1046672) * Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.18-1 - new upstream release * Thu Dec 5 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.17-3 - Use the correct root key for unbound (#1012494) - Pull asm fixes from upstream (#973210) - tpmtool manpage is no longer installed (#1036363) * Tue Nov 26 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.17-2 - Avoid linking with trousers to prevent introducing new features in f20 * Tue Nov 26 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.17-1 - new upstream release - links against the system libopts - links against trousers ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1161443 - CVE-2014-8564 gnutls: Heap corruption when generating key ID for ECC (GNUTLS-SA-2014-5) https://bugzilla.redhat.com/show_bug.cgi?id=1161443 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update gnutls' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|