What Are You Looking For?

Sign Up
   openSUSE Security Update: gnutls: Fixed possible memory corruption
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2014:0767-1
Rating:             important
References:         #880730 
Cross-References:   CVE-2014-3466
Affected Products:
                    openSUSE 11.4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   gnutls was patched to fix security vulnerability that could be used to
   disrupt service or potentially allow remote code execution.
   - Memory corruption during connect (CVE-2014-3466)
   - NULL pointer dereference in gnutls_x509_dn_oid_name (CVE-2014-3465)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.4:

      zypper in -t patch 2014-59

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.4 (i586 x86_64):

      gnutls-2.8.6-5.29.1
      gnutls-debuginfo-2.8.6-5.29.1
      gnutls-debugsource-2.8.6-5.29.1
      libgnutls-devel-2.8.6-5.29.1
      libgnutls-extra-devel-2.8.6-5.29.1
      libgnutls-extra26-2.8.6-5.29.1
      libgnutls-extra26-debuginfo-2.8.6-5.29.1
      libgnutls26-2.8.6-5.29.1
      libgnutls26-debuginfo-2.8.6-5.29.1

   - openSUSE 11.4 (x86_64):

      libgnutls26-32bit-2.8.6-5.29.1
      libgnutls26-debuginfo-32bit-2.8.6-5.29.1

   - openSUSE 11.4 (ia64):

      libgnutls26-debuginfo-x86-2.8.6-5.29.1
      libgnutls26-x86-2.8.6-5.29.1


References:

   https://support.novell.com/security/cve/CVE-2014-3466.html
   https://bugzilla.novell.com/880730

openSUSE: 2014:0767-1: important: gnutls

June 6, 2014
An update that fixes one vulnerability is now available

Description

gnutls was patched to fix security vulnerability that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect (CVE-2014-3466) - NULL pointer dereference in gnutls_x509_dn_oid_name (CVE-2014-3465)

 

Patch

Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch 2014-59 To bring your system up-to-date, use "zypper patch".


Package List

- openSUSE 11.4 (i586 x86_64): gnutls-2.8.6-5.29.1 gnutls-debuginfo-2.8.6-5.29.1 gnutls-debugsource-2.8.6-5.29.1 libgnutls-devel-2.8.6-5.29.1 libgnutls-extra-devel-2.8.6-5.29.1 libgnutls-extra26-2.8.6-5.29.1 libgnutls-extra26-debuginfo-2.8.6-5.29.1 libgnutls26-2.8.6-5.29.1 libgnutls26-debuginfo-2.8.6-5.29.1 - openSUSE 11.4 (x86_64): libgnutls26-32bit-2.8.6-5.29.1 libgnutls26-debuginfo-32bit-2.8.6-5.29.1 - openSUSE 11.4 (ia64): libgnutls26-debuginfo-x86-2.8.6-5.29.1 libgnutls26-x86-2.8.6-5.29.1


References

https://support.novell.com/security/cve/CVE-2014-3466.html https://bugzilla.novell.com/880730


Severity
Announcement ID: openSUSE-SU-2014:0767-1
Rating: important
Affected Products: openSUSE 11.4 .

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo