Red Hat Security Advisory 2020-3525-01 - Quay 3.3.1 release has been released. An issue where build triggers can disclose robot account names and existence of private repos within namespaces has been addressed.
3f0048d4bdec59a51f24f090fac9217f3567fd502a0907966e5df07b310946ee
Debian Linux Security Advisory 4697-1 - A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a man-in-the-middle attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2.
1895794b8fd81d9f052729b86087ff5d07fc51243bab11c512c5cb216d4bdb51
Red Hat Security Advisory 2020-2637-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
75e20d2ad7787693194645be75739ed1dbd377aebd8eafabfc4c215110018701
Red Hat Security Advisory 2020-2638-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
c23fb9ec6d6c8f98388464967da270f6e08492eaf03d2f00d45bfbb844a79d5c
Red Hat Security Advisory 2020-2639-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Issues addressed include a man-in-the-middle vulnerability.
659bc136b339fefd06456f7340bedbfb5561c8e45e51bc36c5c892767f1aa198
Gentoo Linux Security Advisory 202006-1 - An information disclosure vulnerability in GnuTLS allow remote attackers to obtain sensitive information. Versions less than 3.6.14 are affected.
323e146f2376f2d129a54e1b0cca63f0ea73eac997d0155096a35e454fe04324
Ubuntu Security Notice 4384-1 - It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information.
492abbc577184d8e91af368a59566ed8ddd0e0406382a8c4734a76657eeb48e5