Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
89
security advisoryupdatecriticalFedora 39: FEDORA-2024-80428c408c Critical GnuTLS Update
Rebase gnutls to version 3.8.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-80428c408c 2024-01-29 06:23:44.937605 -------------------------------------------------------------------------------- Name : gnutls Product : Fedora 39 Version : 3.8.3 Release : 1.fc39 URL : http://www.gnutls.org/ Summary : A TLS protocol implementation Description : GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. -------------------------------------------------------------------------------- Update Information: Rebase gnutls to version 3.8.3 -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 24 2024 Zoltan Fridrich - 3.8.3-1 - [packit] 3.8.3 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #2246372 - [abrt] gnutls-utils: gnutls_x509_crt_deinit(): gnutls-cli killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=2246372 [ 2 ] Bug #2254017 - gnutls should depend on nettle > = 3.9 https://bugzilla.redhat.com/show_bug.cgi?id=2254017 [ 3 ] Bug #2258576 - CVE-2024-0567 gnutls: rejects certificate chain with distributed trust [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258576 [ 4 ] Bug #2258577 - CVE-2024-0553 gnutls: incomplete fix for CVE-2023-5981 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258577 [ 5 ] Bug #2258587 - gnutls-3.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2258587 -------------------------------------------------------------------------------- This update can be installedwith the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-80428c408c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jan 29, 2024
•Critical
Fedora
89
security advisoryupdateFedoraFedora 36 gnupg2 Security Fix for CVE-2022-34903 Critical Issue
Fix for CVE-2022-34903 (#2103242). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-aa14d396dd 2022-07-07 01:14:02.271644 --------------------------------------------------------------------------------Name : gnupg2 Product : Fedora 36 Version : 2.3.6 Release : 2.fc36 URL : https://www.gnupg.org/ Summary : Utility for secure communication and data storage Description : GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. The S/MIME and smartcard functionality is provided by the gnupg2-smime package. --------------------------------------------------------------------------------Update Information: Fix for CVE-2022-34903 (#2103242) --------------------------------------------------------------------------------ChangeLog: * Mon Jul 4 2022 Jakub Jelen - 2.3.6-2 - Fix for CVE-2022-34903 (#2103242) - Fix focing AEAD through configuration files (#2093760) --------------------------------------------------------------------------------References: [ 1 ] Bug #2103242 - Status line injection via long notation name https://bugzilla.redhat.com/show_bug.cgi?id=2103242 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-aa14d396dd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora ProjectGPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jul 06, 2022
•Critical
Fedora
89
security advisoryFedoracritical fixCritical Update for Fedora 36: OpenSSL Vulnerability Patch Released
Security fix for https://www.gnutls.org/security-new.html#GNUTLS-SA-2022-01-17. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-62ac7b3744 2022-02-25 16:50:19.402631 --------------------------------------------------------------------------------Name : gnutls Product : Fedora 35 Version : 3.7.2 Release : 3.fc35 URL : http://www.gnutls.org/ Summary : A TLS protocol implementation Description : GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. --------------------------------------------------------------------------------Update Information: Security fix for https://www.gnutls.org/security-new.html#GNUTLS-SA-2022-01-17 --------------------------------------------------------------------------------ChangeLog: * Thu Feb 24 2022 Zoltan Fridrich - 3.7.2-3 - Fix race condition in gnutls_x509_trust_list_verify_crt2 (#2050164) --------------------------------------------------------------------------------References: [ 1 ] Bug #2044988 - gnutls: Race condition in gnutls_x509_trust_list_verify_crt2 https://bugzilla.redhat.com/show_bug.cgi?id=2044988 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-62ac7b3744' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Feb 25, 2022
•Critical
Fedora
89
security advisorysecurity updateFedoraFedora 28: GnuPG Security Update 2018-4ef71d3525 Critical Fix
- doc Remove documentation for future option faked sys - build Don't use dev srandom on OpenBSD - Do not use C99 feature - g10 Fix regexp sanitization - g10 Push compress filter only if compressed - gpg Sanitize diagnostic with the original file name [CVE-2018-12020]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-4ef71d3525 2018-06-15 15:48:22.929912 --------------------------------------------------------------------------------Name : gnupg Product : Fedora 28 Version : 1.4.22 Release : 7.fc28 URL : http://www.gnupg.org/ Summary : A GNU utility for secure communication and data storage Description : GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). --------------------------------------------------------------------------------Update Information: - doc Remove documentation for future option faked sys - build Don't use dev srandom on OpenBSD - Do not use C99 feature - g10 Fix regexp sanitization - g10 Push compress filter only if compressed - gpg Sanitize diagnostic with the original file name [CVE-2018-12020] --------------------------------------------------------------------------------ChangeLog: * Fri Jun 8 2018 Brian C. Lane - 1.4.22-7 - doc Remove documentation for future option faked sys - build Don't use dev srandom on OpenBSD - Do not use C99 feature - g10 Fix regexp sanitization - g10 Push compress filter only if compressed - gpg Sanitize diagnostic with the original file name [CVE-2018-12020] --------------------------------------------------------------------------------This update can be installed with the "dnf"update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-4ef71d3525' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 15, 2018
•Critical
Fedora
89
security advisorycriticalsoftware updateFedora 21 FEDORA-2015-5987 Critical GnuPG2 Update for Minor Issues
Updated package from upstream fixing minor security issues.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5987 2015-04-11 04:34:02 -------------------------------------------------------------------------------- Name : gnupg2 Product : Fedora 21 Version : 2.0.27 Release : 1.fc21 URL : http://www.gnupg.org/ Summary : Utility for secure communication and data storage Description : GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. The S/MIME and smartcard functionality is provided by the gnupg2-smime package. -------------------------------------------------------------------------------- Update Information: Updated package from upstream fixing minor security issues. -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 10 2015 Tomáš Mráz - 2.0.27-1 - new upstream release fixing minor security issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1178759 - gnupg2: double free in cmd_readkey() https://bugzilla.redhat.com/show_bug.cgi?id=1178759 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnupg2' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 18, 2015
•Critical
Fedora
89
security advisoryFedoracritical updateFedora Core 4: 2006-116 Critical Update for GnuPG 1.4.2.1 - Security Issue
The GNU Privacy Guard provides encryption and signing for messages and arbitrary files, and implements the OpenPGP standard as described by IETF RFC2440. . ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-116 2006-02-17 ---------------------------------------------------------------------Product : Fedora Core 4 Name : gnupg Version : 1.4.2.1 Release : 1 Summary : A GNU utility for secure communication and data storage. Description : GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). ---------------------------------------------------------------------Update Information: The GNU Privacy Guard provides encryption and signing for messages and arbitrary files, and implements the OpenPGP standard as described by IETF RFC2440. Version 1.4.2 of GnuPG would in some cases erroneously exit with status 0 (signalling no errors) if it was invoked to check a signature but found no signature to check. This should be corrected in version 1.4.2.1. ---------------------------------------------------------------------* Wed Feb 15 2006 Nalin Dahyabhai - 1.4.2.1-1 - update to 1.4.2.1 (fixes CVE-2006-0455) * Fri Feb 10 2006 Jesse Keating - 1.4.2-3.2.1 - bump again for double-long bug on ppc(64) * Tue Feb 7 2006 Jesse Keating - 1.4.2-3.2 - rebuilt for new gcc4.1 snapshot and glibc changes * Fri Dec 9 2005 Jesse Keating - rebuilt * Tue Aug 9 2005 Nalin Dahyabhai 1.4.2-3 - don't override libexecdir any more; we don't need to (#165462) * Thu Aug 4 2005 Nalin Dahyabhai 1.4.2-2 - pull in David Shaw's fix for keygeneration in batch mode * Fri Jul 29 2005 Nalin Dahyabhai - change %post to check if the info files are there before attempting to add or remove them from the info index (#91641) * Wed Jul 27 2005 Nalin Dahyabhai 1.4.2-1 - update to 1.4.2 ---------------------------------------------------------------------This update can be downloaded from: a1a4ce41efd41cb8ade2b4413072fb4c00e8b9e3 SRPMS/gnupg-1.4.2.1-1.src.rpm 1be912b956a9c001a8a24a4cadbaee4351710bfb ppc/gnupg-1.4.2.1-1.ppc.rpm 644518c6e8d05280b091d12fe9c9e541666cc47a ppc/debug/gnupg-debuginfo-1.4.2.1-1.ppc.rpm 5dd455f66408bb0b1a5080077595f45e14848fd7 x86_64/gnupg-1.4.2.1-1.x86_64.rpm f1d7b3d77fa9f6bdae07a10a5edcf9b15c777934 x86_64/debug/gnupg-debuginfo-1.4.2.1-1.x86_64.rpm 601f36c75b78f96fe1d921edde19343997b3827e i386/gnupg-1.4.2.1-1.i386.rpm e10f5c5707b4ba7ba65da4fdc08013af111fbedc i386/debug/gnupg-debuginfo-1.4.2.1-1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list
Feb 17, 2006
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!