SUSE-SU-2015:0675-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20150675-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0675-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:0675-1
Related
Published
2014-06-03T20:02:07Z
Modified
2014-06-03T20:02:07Z
Summary
Security update for gnutls
Details

GnuTLS has been patched to ensure proper parsing of session ids during the TLS/SSL handshake. Additionally, three issues inherited from libtasn1 have been fixed.

Further information is available at http://www.gnutls.org/security.html#GNUTLS-SA-2014-3 http://www.gnutls.org/security.html#GNUTLS-SA-2014-3

These security issues have been fixed:

* Possible memory corruption during connect (CVE-2014-3466)
* Multiple boundary check issues could allow DoS (CVE-2014-3467)
* asn1_get_bit_der() can return negative bit length (CVE-2014-3468)
* Possible DoS by NULL pointer dereference (CVE-2014-3469)

Security Issue references:

* CVE-2014-3466
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466>
References

Affected packages