USN-4233-2 -- gnutls updateID: oval:org.secpod.oval:def:705350 | Date: (C)2020-02-03 (M)2023-12-20 |
Class: PATCH | Family: unix |
gnutls28: GNU TLS library Details: USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Original advisory USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.04 |
Product: |
libgnutls30 |
libgnutls28-dev |
gnutls-doc |
libgnutlsxx28 |
gnutls-bin |
libgnutls-dev |
guile-gnutls |
libgnutls-openssl27 |
libgnutls-dane0 |