Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 528
Alerts This Week
Warning Icon 1 528

Debian: DSA-3177-1 Critical: Mod-Gnutls SSL Access Problem

debian
Calendar Grey March 10, 2015
Scroller Debian
Debian has issued advisories for a security flaw in mod-gnutls affecting SSL/TLS protocols. Users should promptly apply patches to safeguard sensitive data and sessions
Thomas Klute discovered that in mod-gnutls, an Apache module providing SSL and TLS encryption with GnuTLS, a bug caused the server's client verify mode not to be considered at all,...

Summary

For the stable distribution (wheezy), this problem has been fixed in
version 0.5.10-1.1+deb7u1.

For the unstable distribution (sid), this problem has been fixed in
version 0.6-1.3.

We recommend that you upgrade your mod-gnutls packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: mod-gnutls
CVE ID: CVE-2015-2091

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.