[RHSA-2016:0012] gnutls security update
Severity
Moderate
Affected Packages
22
CVEs
1
The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).
A flaw was found in the way TLS 1.2 could use the MD5 hash function for
signing ServerKeyExchange and Client Authentication packets during a TLS
handshake. A man-in-the-middle attacker able to force a TLS connection to
use the MD5 hash function could use this flaw to conduct collision attacks
to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575)
All gnutls users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all applications linked to the GnuTLS library must be restarted.
- ID
- RHSA-2016:0012
- Severity
- moderate
- URL
- https://access.redhat.com/errata/RHSA-2016:0012
- Published
-
2016-01-08T00:00:00
(8 years ago) - Modified
-
2016-01-08T00:00:00
(8 years ago) - Rights
- Copyright 2016 Red Hat, Inc.
- Other Advisories
-
- ALAS-2016-643
- ALAS-2016-645
- ALAS-2016-647
- ALAS-2016-651
- ALAS-2016-661
- DSA-3436-1
- DSA-3437-1
- DSA-3457-1
- DSA-3458-1
- DSA-3465-1
- DSA-3491-1
- DSA-3688-1
- ELSA-2016-0007
- ELSA-2016-0008
- ELSA-2016-0012
- ELSA-2016-0049
- ELSA-2016-0050
- ELSA-2016-0053
- ELSA-2016-0054
- FREEBSD:10F7BC76-0335-4A88-B391-0B05B3A8CE1C
- GLSA-201605-06
- GLSA-201701-46
- GLSA-201706-18
- GLSA-201801-15
- RHSA-2016:0007
- RHSA-2016:0008
- RHSA-2016:0049
- RHSA-2016:0050
- RHSA-2016:0053
- RHSA-2016:0054
- RHSA-2016:0098
- RHSA-2016:0099
- RHSA-2016:0101
- SUSE-SU-2016:0149-1
- SUSE-SU-2016:0189-1
- SUSE-SU-2016:0256-1
- SUSE-SU-2016:0265-1
- SUSE-SU-2016:0269-1
- SUSE-SU-2016:0390-1
- SUSE-SU-2016:0399-1
- SUSE-SU-2016:0401-1
- SUSE-SU-2016:0428-1
- SUSE-SU-2016:0431-1
- SUSE-SU-2016:0433-1
- SUSE-SU-2016:0584-1
- SUSE-SU-2016:0636-1
- SUSE-SU-2016:0770-1
- USN-2863-1
- USN-2864-1
- USN-2865-1
- USN-2866-1
- USN-2884-1
- USN-2904-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1289841 | https://bugzilla.redhat.com/1289841 | |
RHSA | RHSA-2016:0012 | https://access.redhat.com/errata/RHSA-2016:0012 | |
CVE | CVE-2015-7575 | https://access.redhat.com/security/cve/CVE-2015-7575 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/gnutls?arch=x86_64&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | x86_64 | |
Affected | pkg:rpm/redhat/gnutls?arch=s390x&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | s390x | |
Affected | pkg:rpm/redhat/gnutls?arch=s390&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | s390 | |
Affected | pkg:rpm/redhat/gnutls?arch=ppc64&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | ppc64 | |
Affected | pkg:rpm/redhat/gnutls?arch=ppc&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | ppc | |
Affected | pkg:rpm/redhat/gnutls?arch=i686&distro=redhat-6.7 | redhat | gnutls | < 2.8.5-19.el6_7 | redhat-6.7 | i686 | |
Affected | pkg:rpm/redhat/gnutls-utils?arch=x86_64&distro=redhat-6.7 | redhat | gnutls-utils | < 2.8.5-19.el6_7 | redhat-6.7 | x86_64 | |
Affected | pkg:rpm/redhat/gnutls-utils?arch=s390x&distro=redhat-6.7 | redhat | gnutls-utils | < 2.8.5-19.el6_7 | redhat-6.7 | s390x | |
Affected | pkg:rpm/redhat/gnutls-utils?arch=ppc64&distro=redhat-6.7 | redhat | gnutls-utils | < 2.8.5-19.el6_7 | redhat-6.7 | ppc64 | |
Affected | pkg:rpm/redhat/gnutls-utils?arch=i686&distro=redhat-6.7 | redhat | gnutls-utils | < 2.8.5-19.el6_7 | redhat-6.7 | i686 | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=x86_64&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | x86_64 | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=s390x&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | s390x | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=s390&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | s390 | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=ppc64&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | ppc64 | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=ppc&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | ppc | |
Affected | pkg:rpm/redhat/gnutls-guile?arch=i686&distro=redhat-6.7 | redhat | gnutls-guile | < 2.8.5-19.el6_7 | redhat-6.7 | i686 | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=x86_64&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | x86_64 | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=s390x&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | s390x | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=s390&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | s390 | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=ppc64&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | ppc64 | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=ppc&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | ppc | |
Affected | pkg:rpm/redhat/gnutls-devel?arch=i686&distro=redhat-6.7 | redhat | gnutls-devel | < 2.8.5-19.el6_7 | redhat-6.7 | i686 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |