SuSE Update For Gnutls OpenSUSE-SU-2014:0763-1 (gnutls) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

gnutls was patched to fix two security vulnerabilities that could be used to disrupt service or potentially allow remote code execution. - Memory corruption during connect (CVE-2014-3466) - NULL pointer dereference in gnutls_x509_dn_oid_name (CVE-2014-3465)

Affected

gnutls on openSUSE 13.1, openSUSE 12.3

References

http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00007.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-3465, CVE-2014-3466
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for compat-openssl097g
SLES10: Security update for IBM Java 1.4.2
SLES10: Security update for nagios plugins
SLES10: Security update for ClamAV
SLES10: Security update for libtiff

SuSE Update for gnutls openSUSE-SU-2014:0763-1 (gnutls)

Take action and discover your vulnerabilities