AVG-945 log
| Package | gnutls |
| Status | Fixed |
| Severity | Critical |
| Type | multiple issues |
| Affected | 3.6.6-3 |
| Fixed | 3.6.7-1 |
| Current | 3.8.5-1 [core] |
| Ticket | None |
| Created | Fri Mar 29 17:24:57 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-3836 | Medium | Yes | Denial of service | An invalid pointer access via malformed TLS1.3 async messages has been found in GnuTLS versions prior to 3.6.7. |
| CVE-2019-3829 | Critical | Yes | Arbitrary code execution | A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 05 Apr 2019 | ASA-201904-2 | gnutls | multiple issues |
| References |
|---|
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html |