Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 18.04 LTS Security Advisory USN-4233-2: GnuTLS SHA1 Update

ubuntu
Calendar Grey January 23, 2020
Dist Ubuntu Esm H88
Learn about gnutls SHA1 status, its impact on Ubuntu, and workarounds for security vulnerabilities in the latest advisory.
USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.

Summary

USN-4233-1 marked SHA1 as untrusted in GnuTLS with no workaround.

Software Description:

- gnutls28: GNU TLS library

Details:

USN-4233-1 disabled SHA1 being used for digital signature operations in

GnuTLS. In certain network environments, certificates using SHA1 may still

be in use. This update adds the %VERIFY_ALLOW_BROKEN and

%VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to

temporarily re-enable SHA1 until certificates can be replaced with a

stronger algorithm.

Original advisory details:

As a security improvement, this update marks SHA1 as being untrusted for

digital signature operations.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libgnutls30                     3.5.18-1ubuntu1.3

Ubuntu 16.04 LTS:
  libgnutls30                     3.4.10-4ubuntu1.7

In general, a standard system update will make all the necessary changes.

References

https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1860656

Severity
important
Lowest
Low
Medium
High
Critical

January 23, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here