Debian Security Advisory 2944-1

Debian Security Advisory 2944-1: Posted Jun 3, 2014; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2944-1 - Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial or service.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2014-3466; SHA-256 | d6887c198b34be7129b7c1a27958283398afa5d8a2824390246f8f0ac9eadefe; Download | Favorite | View

Debian Security Advisory 2944-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2944-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
June 01, 2014                          http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gnutls26
CVE ID         : CVE-2014-3466

Joonas Kuorilehto discovered that GNU TLS performed insufficient 
validation of session IDs during TLS/SSL handshakes. A malicious server
could use this to execute arbitrary code or perform denial or service.

For the stable distribution (wheezy), this problem has been fixed in
version 2.12.20-8+deb7u2.

For the unstable distribution (sid), this problem has been fixed in
version 2.12.23-16.

We recommend that you upgrade your gnutls26 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTiuVvAAoJEBDCk7bDfE42qk8P/3vu4mGXhGNJwK9+E1rVlJ7b
bL9M2qAo9PiNO3Saw8reZYjFhpXy4iq5E2kTpUDHhDvWWvIAzme4N4/nXgAlQGQL
umMAG9vLl33vIhllcTlGy0RqI1bx/qXqzTsuFv/3lwArWdY3T2UzeYceGfcbFNqY
H5RSP8UAN7rFWEMiqSuTNpRdmwhEPrGqLatIZ8r8Q5/jWcCAat+MNP+KERouksBT
u5U5WkImDwpiPuxWBsJdkfLhbWCazmul+dVIerNm+9FA73W85HwkMb88Xit7rVgv
0d/Obd4qP0QiyDMfAnRDwVci3H/tzYyifAwutLf+zSPRBpy84lFKorMIAKA3mO8W
4ezBtP9D8v9FHxfKGi28RV779ZLDlWY1I8yL6FTAQk0m1QFpvgiy7IclKnmfN7Ew
DOFp5KIntqL+5AnVs8aBaTByEphKHlxt6jGi142VKESz7oB/io6umtECTWfLXI9D
8sZpTqXMhCQMK4ydmgJmado+oKzH/fq21Y5PagJIntGErCRIoe45wviamJXUjGHW
ol/rhGNqrZYTsVBnqUmTURQvQc1/pHT4ZH8tEc9Cxv9ndlWkaZ7QJMY3zbNWaVf8
XcOBu9/GxuNeq32xAM0Kq4e94WtU3WB8wrDzTUl/wWwzJfV2I+nczRyL/uSCfZLk
RmrvS8guUXe3SXS0h9VX
=PIu6
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 2944-1

Debian Security Advisory 2944-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 2944-1

Share This

Debian Security Advisory 2944-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems