gnutls-1.4.1-10.1.0.1.AXS3
エラータID: AXSA:2013-170:02
Release date:
Tuesday, March 12, 2013 - 13:25
Subject:
gnutls-1.4.1-10.1.0.1.AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group.
Security issues fixed with this release:
• CVE-2013-1619
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Solution:
Update packages.
CVEs:
CVE-2013-1619
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Additional Info:
N/A
Download:
SRPMS
- gnutls-1.4.1-10.1.0.1.AXS3.src.rpm
MD5: 5738b6c0d54cc9f575f14fa6a84afc37
SHA-256: 4bcd4879b6b67fdbfe61a8a305f45fd50080a229614e3d7f83fea957393643ae
Size: 3.89 MB
Asianux Server 3 for x86
- gnutls-1.4.1-10.1.0.1.AXS3.i386.rpm
MD5: 9a2fbf017bac4c96473d4de08526dc78
SHA-256: 50191585696b67fcfe24f7eb3d427b96c93c6bd1e0bd758bc8618b2a69a2ec01
Size: 374.36 kB - gnutls-devel-1.4.1-10.1.0.1.AXS3.i386.rpm
MD5: aff3a326e32473efa2b8ebfa7eb4c5e2
SHA-256: 27d1408410050bdd013310737f5704e9a73109f8ddd663f0857c5c60c3c46ca5
Size: 928.39 kB
Asianux Server 3 for x86_64
- gnutls-1.4.1-10.1.0.1.AXS3.x86_64.rpm
MD5: e883dc3e881e02447630a20e6e8fd945
SHA-256: 994a432e04fff20caa857bf0118633696945fb4dad446a069d6cb4eb3768638a
Size: 387.83 kB - gnutls-devel-1.4.1-10.1.0.1.AXS3.x86_64.rpm
MD5: 1092ff73e8d86a4752e78e073891e5f1
SHA-256: d80a52b23f2d47cc4d82fb75722bf0bd3cff3ede4e493483bf651a60f1f7b87b
Size: 947.01 kB
日本語