Information on source package gnutls26

Available versions

ReleaseVersion
wheezy2.12.20-7
wheezy2.12.20-8+deb7u1
jessie2.12.23-13
sid2.12.23-14
squeeze2.8.6-1+squeeze2
squeeze2.8.6-1+squeeze3

Open issues

BugwheezyjessiesidsqueezeDescription
CVE-2013-1619fixedfixedfixedvulnerableThe TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, ...

Open unimportant issues

Resolved issues

BugDescription
CVE-2006-7239The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c ...
CVE-2008-1948The _gnutls_server_name_recv_params function in lib/ext_server_name.c ...
CVE-2008-1949The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in ...
CVE-2008-1950Integer signedness error in the _gnutls_ciphertext2compressed function ...
CVE-2008-2377Use-after-free vulnerability in the ...
CVE-2008-4989The _gnutls_x509_verify_certificate function in lib/x509/verify.c in ...
CVE-2009-1415lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not ...
CVE-2009-1416lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates ...
CVE-2009-1417gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and ...
CVE-2009-2409The Network Security Services (NSS) library before 3.12.3, as used in ...
CVE-2009-2730libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' ...
CVE-2009-3555The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...
CVE-2009-5138GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...
CVE-2010-0731The gnutls_x509_crt_get_serial function in the GnuTLS library before ...
CVE-2011-4128Buffer overflow in the gnutls_session_get_data function in ...
CVE-2012-0390The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...
CVE-2012-1573gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before ...
CVE-2012-1663Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ...
CVE-2013-2116The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in ...
CVE-2013-4466Buffer overflow in the dane_query_tlsa function in the DANE library ...
CVE-2013-4487Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...
CVE-2014-0092lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...
CVE-2014-1959lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 ...

Security announcements

DSADescription
DSA-2869-1gnutls26 - incorrect certificate verification
DSA-2869-1gnutls26 - incorrect certificate verification
DSA-2866-1gnutls26 - certificate verification flaw
DSA-2697-1gnutls26 - out-of-bounds array read
DSA-2441-1gnutls26 - missing bounds check
DSA-1935-1gnutls13 gnutls26 - SSL certificate

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)