[Bug 1326779] Re: libgnutls28 appears to not have been updated for CVE-2014-3466 in Trusty

Launchpad Bug Tracker Thu, 11 Jun 2015 11:21:55 -0700

This bug was fixed in the package gnutls28 - 3.0.11-1ubuntu2.1

---------------
gnutls28 (3.0.11-1ubuntu2.1) precise-security; urgency=medium


  * SECURITY UPDATE: Denial of service and possible remote arbitrary code
    execution via crafted ServerHello message
    - debian/patches/21_CVE-2014-3466.patch: Add upper bounds check for
      session id size. Based on upstream patch. (LP: #1326779)

 -- Tyler Hicks <[email protected]>  Thu, 11 Jun 2015 10:51:35 -0500

** Changed in: gnutls28 (Ubuntu)
       Status: Confirmed => Fix Released

** Changed in: gnutls28 (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1326779

Title:
  libgnutls28 appears to not have been updated for CVE-2014-3466 in
  Trusty

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1326779/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1326779] Re: libgnutls28 appears to not have been updated for CVE-2014-3466 in Trusty

Reply via email to