Updated gnutls packages fix CVE-2104-3465-6
Publication date: 02 Jun 2014Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-3465 , CVE-2014-3466
Description
Updated gnutls packages fix security vulnerabilities:
A NULL pointer dereference flaw was discovered in GnuTLS's
gnutls_x509_dn_oid_name(). The function, when called with the
GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller.
However, it could previously return NULL when parsed X.509 certificates
included specific OIDs (CVE-2014-3465).
A flaw was found in the way GnuTLS parsed session ids from Server Hello
packets of the TLS/SSL handshake. A malicious server could use this flaw to
send an excessively long session id value and trigger a buffer overflow in a
connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly,
execute arbitrary code (CVE-2014-3466).
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3465
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3466
- http://www.gnutls.org/security.html#GNUTLS-SA-2014-3
- https://bugs.mageia.org/show_bug.cgi?id=13457
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
SRPMS
3/core
- gnutls-3.1.16-1.3.mga3
4/core
- gnutls-3.2.7-1.3.mga4