Security: Two problems in gnutls
Name: Two problems in gnutls
ID: FEDORA-2021-18bef34f05
Distribution: Fedora
Platforms: Fedora 34
Date: Wed, 24 March 2021, 07:02
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231
Applications: GNU Transport Layer Security Library


Fedora Update Notification
2021-03-24 01:46:57.845776

Name : gnutls
Product : Fedora 34
Version : 3.7.1
Release : 2.fc34
URL : http://www.gnutls.org/
Summary : A TLS protocol implementation
Description :
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

Update Information:

Update to the upstream 3.7.1 release, which includes fixes for CVE-2021-20231
and CVE-2021-20232, fipscheck build-dep removal, and TLS 1.3 middlebox
compatibility mode fixes.

----

Fix cert chain verification if it contains duplicate certs.

* Tue Mar 16 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-2
- Restore fipscheck dependency
* Sat Mar 13 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
- Update to upstream 3.7.1 release
- Remove fipscheck dependency, as it is now calculated with an
internal tool
* Fri Mar 5 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-4
- Tolerate duplicate certs in the chain also with PKCS #11 trust store
* Tue Mar 2 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-3
- Reduce BRs for non-bootstrapping build

[ 1 ] Bug #1903554 - gnutls-3.7.1 is available
[ 2 ] Bug #1938147 - CVE-2021-20231 gnutls: Use after free in client
key_share extension [fedora-all]
[ 3 ] Bug #1938149 - CVE-2021-20232 gnutls: Use after free in
client_send_params in lib/ext/pre_shared_key.c [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-18bef34f05' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at