MGASA-2014-0117

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0117.html

Import Source

https://advisories.mageia.org/MGASA-2014-0117.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0117

Related

CVE-2014-0092

Published

2014-03-03T20:07:34Z

Modified

2014-03-03T20:07:30Z

Summary

Updated gnutls packages fix security vulnerability

Details

It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker (CVE-2014-0092).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / gnutls

Package

Name: gnutls
Purl: pkg:rpm/mageia/gnutls?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.7-1.2.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / gnutls

Package

Name: gnutls
Purl: pkg:rpm/mageia/gnutls?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.16-1.2.mga3

Ecosystem specific

{
    "section": "core"
}