SUSE-SU-2019:1121-1 -- SLES gnutls, libgnutls-devel, libgnutls30, libgnutlsxx-devel, libgnutlsxx28ID: oval:org.secpod.oval:def:89050585 | Date: (C)2023-10-16 (M)2023-10-15 |
Class: PATCH | Family: unix |
This update for gnutls fixes to version 3.6.7 the following issues: Security issued fixed: - CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages . - CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API . - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification Non-security issue fixed: - Update gnutls to support TLS 1.3
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Desktop 15 |
Product: |
gnutls |
libgnutls-devel |
libgnutls30 |
libgnutlsxx-devel |
libgnutlsxx28 |