USN-4233-2 -- gnutls update| ID: oval:org.secpod.oval:def:705350 | Date: (C)2020-02-03 (M)2023-12-20 |
| Class: PATCH | Family: unix |
gnutls28: GNU TLS library Details: USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Original advisory USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.
| Platform: |
| Ubuntu 16.04 |
| Ubuntu 18.04 |
| Product: |
| libgnutls30 |
| libgnutls28-dev |
| gnutls-doc |
| libgnutlsxx28 |
| gnutls-bin |
| libgnutls-dev |
| guile-gnutls |
| libgnutls-openssl27 |
| libgnutls-dane0 |
