Slackware Advisory SSA:2008-320-01 Gnutls Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2008-320-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-320-01

Insight

New gnutls packages are available for Slackware 12.0, 12.1, and -current to correctly fix the certificate chain verification issue that the upgrade to gnutls-2.6.1 attempted to fix. Without this upgrade, processing a certificate chain containing only one self-signed certificate may cause GnuTLS linked programs to crash.

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Slackware Advisory SSA:2004-278-01 getmail
Slackware Advisory SSA:2006-357-02 mozilla-thunderbird
Slackware Advisory SSA:2005-172-01 sudo
Slackware Advisory SSA:2006-215-01 gnupg
Slackware Advisory SSA:2007-222-05 xpdf

Slackware Advisory SSA:2008-320-01 gnutls

Take action and discover your vulnerabilities