5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
68.2%
A DNS server that returns more 4 DANE entries could corrupt the memory of a requesting client using the DANE library from GnuTLS before 3.1.15 and 3.2.5 (CVE-2013-4466). This updates GnuTLS to version 3.1.16, fixing this issue and several other bugs
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | gnutls | < 3.1.16-1 | gnutls-3.1.16-1.mga3 |
lists.gnutls.org/pipermail/gnutls-help/2013-August/003216.html
lists.gnutls.org/pipermail/gnutls-help/2013-October/003250.html
lists.gnutls.org/pipermail/gnutls-help/2013-October/003262.html
www.gnutls.org/security.html#GNUTLS-SA-2013-3
bugs.mageia.org/show_bug.cgi?id=11561
lists.fedoraproject.org/pipermail/package-announce/2013-October/119788.html