Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Debian 10.0-10.2: 2019-037-02 High OpenSSL Denial of Service

slackware
Calendar Grey May 9, 2009
Dist Slackware Esm H88
Recent updates for GnuTLS on Slackware address severe vulnerabilities ranging from double memory deallocation to key corruption, bolstering overall system security.
New gnutls packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/gnutls-2.6.2-i486-2_slack12.2.tgz Patched the following security issues: - Corrected double free on signature verification failure. Reported by Miroslav Kratochvil . - Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. For more information, see: https://www.cve.org/CVERecord?id=CVE-2009-1415 https://www.cve.org/CVERecord?id=CVE-2009-1416 (* Security fix *)

Topics%20covered

Topics Covered

security advisory moderate buffer overflow security fix slackware system update gnutls

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/gnutls-2.6.2-i486-2_slack12.0.tgz
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware -current:

MD5 Signatures

Slackware 12.0 package: 0028d3e43ed87ae20cfd5264676d86ba gnutls-2.6.2-i486-2_slack12.0.tgz
Slackware 12.1 package: c5a62819b7ef93ee41ed4c05d6f56c02 gnutls-2.6.2-i486-2_slack12.1.tgz
Slackware 12.2 package: eb930f4c0361e4e0bd24044a3c386ce7 gnutls-2.6.2-i486-2_slack12.2.tgz
Slackware -current package: c277628054339e0c999daabb94b5a7fb gnutls-2.6.6-i486-1.txz

Topics%20covered

Topics Covered

security advisory moderate buffer overflow security fix slackware system update gnutls

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg gnutls-2.6.2-i486-2_slack12.2.tgz

Related News

Your message here