Mandriva Update For Gnutls MDVSA-2008:106 (gnutls) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Flaws discovered in versions prior to 2.2.4 (stable) and 2.3.10 (development) of GnuTLS allow an attacker to cause denial of service (application crash), and maybe (so far undetermined) execute arbitrary code. The updated packages have been patched to fix these flaws. Note that any applications using this library must be restarted for the update to take effect.

Affected

gnutls on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1948, CVE-2008-1949, CVE-2008-1950
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:020 (xine-lib)
Mandrake Security Advisory MDVSA-2009:003 (python)
Mandrake Security Advisory MDVSA-2009:147 (pidgin)
Mandrake Security Advisory MDVSA-2009:050 (python-pycrypto)
Mandrake Security Advisory MDVSA-2009:187 (nagios)

Mandriva Update for gnutls MDVSA-2008:106 (gnutls)

Take action and discover your vulnerabilities