Bugs fixes in "gnutls28"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2018-10844 | It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to | 2019-05-30 |
| CVE | CVE-2018-1084 | corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. | 2019-05-30 |
| Launchpad | 1709193 | Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer | 2017-10-26 |
| Launchpad | 1709193 | Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer | 2017-10-26 |
| CVE | CVE-2017-7869 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function | 2017-06-13 |
| CVE | CVE-2017-7507 | Crash upon receiving well-formed status_request extension | 2017-06-13 |
| CVE | CVE-2017-7869 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function | 2017-06-13 |
| CVE | CVE-2017-7507 | Crash upon receiving well-formed status_request extension | 2017-06-13 |
| CVE | CVE-2017-7869 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function | 2017-06-13 |
| CVE | CVE-2017-7507 | Crash upon receiving well-formed status_request extension | 2017-06-13 |
| CVE | CVE-2017-7869 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function | 2017-06-13 |
| CVE | CVE-2017-7507 | Crash upon receiving well-formed status_request extension | 2017-06-13 |
| CVE | CVE-2016-8610 | SSL/TLS SSL3_AL_WARNING undefined alert DoS | 2017-02-01 |
| CVE | CVE-2016-7444 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCS | 2017-02-01 |
| CVE | CVE-2016-8610 | SSL/TLS SSL3_AL_WARNING undefined alert DoS | 2017-02-01 |
| CVE | CVE-2016-7444 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCS | 2017-02-01 |
| CVE | CVE-2016-8610 | SSL/TLS SSL3_AL_WARNING undefined alert DoS | 2017-02-01 |
| CVE | CVE-2016-7444 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCS | 2017-02-01 |
| CVE | CVE-2016-8610 | SSL/TLS SSL3_AL_WARNING undefined alert DoS | 2017-02-01 |
| CVE | CVE-2016-7444 | The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS before 3.4.15 and 3.5.x before 3.5.4 does not verify the serial length of an OCS | 2017-02-01 |
About
-
Send Feedback to @ubuntu_updates
