USN-6499-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that GnuTLS had a timing side-channel when handling certain RSA-PSK key exchanges. A remote attacker could possibly use this issue to recover sensitive information.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "gnutls-bin", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "gnutls-bin-dbgsym", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "gnutls-doc", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls-dane0", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls-dane0-dbgsym", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls-openssl27", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls-openssl27-dbgsym", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls28-dev", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls30", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutls30-dbgsym", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutlsxx28", "binary_version": "3.5.18-1ubuntu1.6+esm1" }, { "binary_name": "libgnutlsxx28-dbgsym", "binary_version": "3.5.18-1ubuntu1.6+esm1" } ] }