Ubuntu 4233-2: GnuTLS update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
==========================================================================
Ubuntu Security Notice USN-4233-2
January 23, 2020

gnutls28 update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.

Software Description:
- gnutls28: GNU TLS library

Details:

USN-4233-1 disabled SHA1 being used for digital signature operations in
GnuTLS. In certain network environments, certificates using SHA1 may still
be in use. This update adds the %VERIFY_ALLOW_BROKEN and
%VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to
temporarily re-enable SHA1 until certificates can be replaced with a
stronger algorithm.

Original advisory details:

 As a security improvement, this update marks SHA1 as being untrusted for
 digital signature operations.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libgnutls30                     3.5.18-1ubuntu1.3

Ubuntu 16.04 LTS:
  libgnutls30                     3.4.10-4ubuntu1.7

In general, a standard system update will make all the necessary changes.

References:
  https://usn.ubuntu.com/4233-2
  https://usn.ubuntu.com/4233-1
  https://launchpad.net/bugs/1860656

Package Information:
  https://launchpad.net/ubuntu/+source/gnutls28/3.5.18-1ubuntu1.3
  https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.7

Ubuntu 4233-2: GnuTLS update

January 23, 2020
USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround. Software Description: - gnutls28: GNU TLS library Details: USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Original advisory details: As a security improvement, this update marks SHA1 as being untrusted for digital signature operations.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libgnutls30 3.5.18-1ubuntu1.3 Ubuntu 16.04 LTS: libgnutls30 3.4.10-4ubuntu1.7 In general, a standard system update will make all the necessary changes.

References

https://usn.ubuntu.com/4233-2

https://usn.ubuntu.com/4233-1

https://launchpad.net/bugs/1860656

Severity
Ubuntu Security Notice USN-4233-2

Package Information

https://launchpad.net/ubuntu/+source/gnutls28/3.5.18-1ubuntu1.3 https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.7

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy