[SECURITY] Fedora EPEL 6 Update: gnutls30-3.5.19-1.el6

Wed, 17 Oct 2018 20:03:02 -0700 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-83a8fcf606
2018-10-18 03:01:30.845908
--------------------------------------------------------------------------------

Name        : gnutls30
Product     : Fedora EPEL 6
Version     : 3.5.19
Release     : 1.el6
URL         : https://www.gnutls.org/
Summary     : A TLS protocol implementation
Description :
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
protocols and technologies around them. It provides a simple C language
application programming interface (API) to access the secure communications
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
other required structures.

--------------------------------------------------------------------------------
Update Information:

Updated to 3.5.19  ----  Updated to 3.5.18
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1619524 - CVE-2018-10846 gnutls30: gnutls: "Just in Time" PRIME + 
PROBE cache-based side channel attack can lead to plaintext recovery [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1619524
  [ 2 ] Bug #1619519 - CVE-2018-10845 gnutls30: gnutls: HMAC-SHA-384 vulnerable 
to Lucky thirteen attack due to use of wrong constant [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1619519
  [ 3 ] Bug #1619512 - CVE-2018-10844 gnutls30: gnutls: HMAC-SHA-256 vulnerable 
to Lucky thirteen attack due to not enough dummy function calls [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1619512
  [ 4 ] Bug #1459797 - CVE-2017-7507 gnutls30: gnutls: Crash upon receiving 
well-formed status_request extension [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1459797
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update gnutls30' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
epel-package-announce mailing list -- 
epel-package-announce@lists.fedoraproject.org
To unsubscribe send an email to 
epel-package-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-package-announce@lists.fedoraproject.org

Reply via email to