Fedora 10: 2009-8622 Medium Severity: NUL Handling in GnuTLS
fedora
September 25, 2009
This update fixes handling of NUL characters in certificate Common Name or
subjectAltName fields especially in regards to comparsion to hostnames.
Summary
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
Update Information:
This update fixes handling of NUL characters in certificate Common Name or subjectAltName fields especially in regards to comparsion to hostnames.
Topics Covered
Change Log
* Wed Sep 23 2009 Tomas Mraz
References
[ 1 ] Bug #516231 - CVE-2009-2730 gnutls: incorrect verification of SSL certificate with NUL in name (GNUTLS-SA-2009-4)
https://bugzilla.redhat.com/show_bug.cgi?id=516231
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update gnutls' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
medium
Lowest
Low
Medium
High
Critical
Name: gnutls
Product: Fedora 10
Version: 2.4.2
Release: 5.fc10
Summary: A TLS protocol implementation
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!