SUSE-SU-2019:1121-1 -- SLES gnutls, libgnutls-devel, libgnutls30, libgnutlsxx-devel, libgnutlsxx28| ID: oval:org.secpod.oval:def:89050585 | Date: (C)2023-10-16 (M)2023-10-15 |
| Class: PATCH | Family: unix |
This update for gnutls fixes to version 3.6.7 the following issues: Security issued fixed: - CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages . - CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API . - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification Non-security issue fixed: - Update gnutls to support TLS 1.3
| Platform: |
| SUSE Linux Enterprise Server 15 |
| SUSE Linux Enterprise Desktop 15 |
| Product: |
| gnutls |
| libgnutls-devel |
| libgnutls30 |
| libgnutlsxx-devel |
| libgnutlsxx28 |
