Slackware Advisory SSA:2008-315-01 Gnutls Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2008-315-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-315-01

Insight

New gnutls packages are available for Slackware 12.0, 12.1, and -current to fix a security issue. NOTE: The package for 12.0 has a different shared library soname, and the packages for 12.1 and -current have an API/ABI change. Only the Pidgin package in Slackware links with GnuTLS, and upgraded Pidgin packages have also been made available. However, if the updated GnuTLS package is installed any other custom-compiled software that uses GnuTLS may need to be recompiled. More details about this issue will become available in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989

Severity

Classification

CVE CVE-2008-4989
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Slackware Advisory SSA:2005-195-02 XV
Slackware Advisory SSA:2006-313-01 firefox/thunderbird/seamonkey
Slackware Advisory SSA:2006-207-03 gimp
Slackware Advisory SSA:2006-357-05 xine-lib
Slackware Advisory SSA:2007-222-05 xpdf

Slackware Advisory SSA:2008-315-01 gnutls

Take action and discover your vulnerabilities