Download
| Alert*
DSA-2697-1 gnutls26 -- out-of-bounds array read
It was discovered that a malicious client could crash a GNUTLS server and vice versa, by sending TLS records encrypted with a block cipher which contain invalid padding. The oldstable distribution is not affected because the security fix that introduced this vulnerability was not applied to it.
|