-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3437-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 09, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gnutls26 CVE ID : CVE-2015-7575 Karthikeyan Bhargavan and Gaetan Leurent at INRIA discovered a flaw in the TLS 1.2 protocol which could allow the MD5 hash function to be used for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker could exploit this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. More information can be found at https://www.mitls.org/pages/attacks/SLOTH For the oldstable distribution (wheezy), this problem has been fixed in version 2.12.20-8+deb7u5. We recommend that you upgrade your gnutls26 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWkPbrAAoJEAVMuPMTQ89E+qIQAJ1oiUBHGjSqV/gzponGHBu8 QlwJiStNNWEcK/f9yX7dJvaIaFaYCXVd8Q/98vOa2C7PSgYhm2/OfJHXegtU8eNK lblnMP1SXZd+SuwTLcN0eotAL9dAQyMyxaqKYRP6U+7ikbqdqZpJAEZZIDMImmTd HKBCFCvA77Dy5LobZuQAi8rXOu/KxQfzyIe3P5mF99X9JHPA09YqGW194C7A/ggv e/BQSeawWNNc9p6cWg31GrLLp3HQZHOed+OiFDzf+EGvyhoU5LOfXTc+BqRjUDS9 IlflO63WzHzWUSg/O5JQtlBn++aT2PgU7gbsLOBoZWhfIBkV6ZyL4JDkLI8rnz/9 /Y4tK2z4qSC5OU15v017xrw1YDYe1OimAPHM2MOFCFop2UD3Zj72GhXtb7XGZI2W q9QdRMvxbDUoUfEq9OsT27T0vaAzYgQyEK+NTL/EIgRuHMfaDlii0V+bFjDHWiPG CaPXi7IhVOA9kLfg4mvWXN9OAcureyNwNM6pPr3/HUiGVr1CWbH9Cm7l/U9H2FjC NQJgRMXADQEhIYu1A3oGi2whORLSFEgdZWpvFX0fyL/sF+gxkrUXYWo/fHgTVDtM y2RGh5USgYxikGwoiwGwSbCL7qPX7KnNMecwXOvq+RrhlPqtnafIdUBGmK0P0niA K095DZSPfOvvv9cfzYTS =uOs8 -----END PGP SIGNATURE-----