AVG-26

Package gnutls
Status Fixed
Severity Medium
Type certificate verification bypass
Affected 3.4.14-1
Fixed 3.4.15-1
Current 3.5.18-1 [core]
Ticket None
Created Wed Sep 21 11:40:58 2016
Issue Severity Remote Type Description
CVE-2016-7444 Medium Yes Certificate verification bypass
Incorrect length validation on gnutls's gnutls_ocsp_resp_check_crt method can allow an attacker to use a OCSP response for a different certificate (but from...
Date Advisory Package Description
26 Sep 2016 ASA-201609-25 gnutls certificate verification bypass