Debian 3.1 DSA 1182-1 Critical: GnuTLS Signature Forgery Issue
debian
September 22, 2006
Daniel Bleichenbacher discovered a flaw in GNU TLS cryptographic package that could allow an attacker to generate a forged signature that GNU TLS will accept as valid.
Topics Covered
Summary
The unstable distribution (sid) does no longer contain gnutls11, for
gnutls13 this problem has been fixed in version 1.4.4-1.
We recommend that you upgrade your GNU TLS package.
Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Size/MD5 checksum: 820 72116e13ca8af0d4c0420a6a5fba01fb
Size/MD5 checksum: 346146 46c4495ad9c32f53a362669432b548d0
Size/MD5 checksum: 1504638 7b410fa3c563c7988e434a8c8671b3cd
Alpha architecture:
Size/MD5 checksum: 229836 759bb1fb11af8022228651e5ee996c2a
Size/...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!