This bug was fixed in the package gnutls28 - 3.6.13-2ubuntu1.6
---------------
gnutls28 (3.6.13-2ubuntu1.6) focal-security; urgency=medium
* SECURITY UPDATE: use after free issue in key_share extension
- debian/patches/CVE-2021-20231.patch: avoid use-after-free around
realloc in lib/ext/key_share.c.
- CVE-2021-20231
* SECURITY UPDATE: use after free issue in client_send_params
- debian/patches/CVE-2021-20232.patch: avoid use-after-free around
realloc in lib/ext/pre_shared_key.c.
- CVE-2021-20232
-- Marc Deslauriers <[email protected]> Mon, 02 Aug 2021
09:56:04 -0400
** Changed in: gnutls28 (Ubuntu Focal)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20231
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20232
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1910255
Title:
autopkgtest fails due to an expired certificate
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1910255/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
