1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2866-1] gnutls26 security update

    From Salvatore Bonaccorso@1:229/2 to All on Sat Feb 22 13:50:01 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2866-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 22, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : gnutls26
    Vulnerability : certificate verification flaw
    CVE ID : CVE-2014-1959

    Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by
    default.

    The oldstable distribution (squeeze) is not affected by this problem as
    X.509 version 1 trusted CA certificates are not allowed by default.

    For the stable distribution (wheezy), this problem has been fixed in
    version 2.12.20-8.

    For the testing distribution (jessie) and the unstable distribution
    (sid), this problem has been fixed in version 2.12.23-12.

    We recommend that you upgrade your gnutls26 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJTCJpIAAoJEAVMuPMTQ89ENKsP/0U5OlOKscI6S77zSumwwguJ aGxspTy/1nt72SOHPXht5+K8qb/pK3EbeDQHW8YJbumTmBvetmT39/jBSRnk/Zv2 RbqvtCbwWsDKbAc8GRzLkQmDgOm5UYaddwuqNqy7fflfeY41AZ+oa/9q7YzF+02q NhISglKhO0Ncew9zO9b0Lcn+lFei/qTNi5vXM0D6/4lPU3Do22H+Z0BF2bhKM/+D CeOxp0ay5uVzpWfce+R4zM1tSd2boNjn9IV9q428Jv5X5jYN8OjXw1oiw2ugAJR+ I0fJuzDRSijBkS4Yv07j+LFxVsd/qOmbhusXGNbVvjXAyawZ1OsvG6SeQHGt1hyS QGm3CCq88NQcJHPm5uWsB0Dke9PlN9kkf9tg+5iWSOJKKNi1tq2J6fE6csDBmeOS +XRax940SKwlEt4OHOw07stIdamtzW158M+9bcguuhcxnuJdGdwB4KyePnCIpHjM 1ZqpFu+Kq6cH9YA9KDqXOpELhPgFBofcLF/inV8q1KfGda/zsxGcQPd8el1hcUM5 9RZsqbpKwRMzftzHrpFHTjlbf1LD7hv9TGaWCaHQwMupkkILRKLjfbr5hs1dBLFi ROvurcDVxCDVTsg95i6n+NU8MgpL7Y/XIKLofD11d7zPomHiyqjS67XfPb358x3H vqT4zksPENR45BKtmi3J
    =smH4
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)