Lucene search
RedHatRHSA-2009:1232HistoryAug 26, 2009 - 12:00 a.m.
(RHSA-2009:1232) Moderate: gnutls security update
2009-08-2600:00:00
access.redhat.com
15
0.002 Low
EPSS
Percentile
53.9%
The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS).
A flaw was discovered in the way GnuTLS handles NULL characters in certain
fields of X.509 certificates. If an attacker is able to get a
carefully-crafted certificate signed by a Certificate Authority trusted by
an application using GnuTLS, the attacker could use the certificate during
a man-in-the-middle attack and potentially confuse the application into
accepting it by mistake. (CVE-2009-2730)
Users of GnuTLS are advised to upgrade to these updated packages, which
contain a backported patch that corrects this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | src | gnutls | < 1.0.20-4.el4_8.3 | gnutls-1.0.20-4.el4_8.3.src.rpm |
| RedHat | 5 | i386 | gnutls-devel | < 1.4.1-3.el5_3.5 | gnutls-devel-1.4.1-3.el5_3.5.i386.rpm |
| RedHat | 5 | x86_64 | gnutls-utils | < 1.4.1-3.el5_3.5 | gnutls-utils-1.4.1-3.el5_3.5.x86_64.rpm |
| RedHat | 4 | s390 | gnutls-devel | < 1.0.20-4.el4_8.3 | gnutls-devel-1.0.20-4.el4_8.3.s390.rpm |
| RedHat | 5 | i386 | gnutls-utils | < 1.4.1-3.el5_3.5 | gnutls-utils-1.4.1-3.el5_3.5.i386.rpm |
| RedHat | 5 | i386 | gnutls | < 1.4.1-3.el5_3.5 | gnutls-1.4.1-3.el5_3.5.i386.rpm |
| RedHat | 5 | ia64 | gnutls | < 1.4.1-3.el5_3.5 | gnutls-1.4.1-3.el5_3.5.ia64.rpm |
| RedHat | 5 | ia64 | gnutls-utils | < 1.4.1-3.el5_3.5 | gnutls-utils-1.4.1-3.el5_3.5.ia64.rpm |
| RedHat | 5 | ia64 | gnutls-devel | < 1.4.1-3.el5_3.5 | gnutls-devel-1.4.1-3.el5_3.5.ia64.rpm |
| RedHat | 5 | ppc | gnutls | < 1.4.1-3.el5_3.5 | gnutls-1.4.1-3.el5_3.5.ppc.rpm |
Related
openvas
openvas
Fedora Core 11 FEDORA-2009-8565 (gnutls)
2009-09-28 00:00:00
CentOS Security Advisory CESA-2009:1232 (gnutls)
2009-09-02 00:00:00
RedHat Security Advisory RHSA-2009:1232
2009-09-02 00:00:00
nessus
nessus
Fedora 10 : gnutls-2.4.2-5.fc10 (2009-8622)
2009-09-28 00:00:00
Fedora 11 : gnutls-2.6.6-3.fc11 (2009-8565)
2009-09-28 00:00:00
SuSE9 Security Update : GnuTLS (YOU Patch Number 12501)
2009-09-24 00:00:00
cvelist
cvelist
CVE-2009-2730
2009-08-12 10:00:00
centos
centos
gnutls security update
2009-08-26 19:50:26
gnutls security update
2009-08-26 21:53:11
fedora
fedora
[SECURITY] Fedora 11 Update: gnutls-2.6.6-3.fc11
2009-09-25 20:07:02
[SECURITY] Fedora 10 Update: gnutls-2.4.2-5.fc10
2009-09-25 20:10:45
ubuntucve
ubuntucve
CVE-2009-2730
2009-08-12 00:00:00
oraclelinux
oraclelinux
gnutls security update
2009-08-26 00:00:00
nvd
nvd
CVE-2009-2730
2009-08-12 10:30:01
freebsd
freebsd
GnuTLS -- improper SSL certificate verification
2009-08-11 00:00:00
cve
cve
CVE-2009-2730
2009-08-12 10:30:01
slackware
slackware
gnutls
2009-10-17 17:37:39
prion
prion
Design/Logic Flaw
2009-08-12 10:30:00
gentoo
gentoo
GnuTLS: Multiple vulnerabilities
2011-10-10 00:00:00
GnuTLS: Multiple vulnerabilities
2012-06-23 00:00:00
securityvulns
securityvulns
GnuTLS library certificate spoofing
2009-08-20 00:00:00
[USN-809-1] GnuTLS vulnerabilities
2009-08-20 00:00:00
osv
osv
gnutls13 gnutls26 - SSL certificate
2009-11-17 00:00:00
debian
debian
ubuntu
ubuntu
GnuTLS vulnerabilities
2009-08-19 00:00:00
redhat
redhat
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
vmware
vmware