AVG-945 log
Package | gnutls |
Status | Fixed |
Severity | Critical |
Type | multiple issues |
Affected | 3.6.6-3 |
Fixed | 3.6.7-1 |
Current | 3.8.8-1 [core] |
Ticket | None |
Created | Fri Mar 29 17:24:57 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-3836 | Medium | Yes | Denial of service | An invalid pointer access via malformed TLS1.3 async messages has been found in GnuTLS versions prior to 3.6.7. |
CVE-2019-3829 | Critical | Yes | Arbitrary code execution | A critical memory corruption vulnerability has been found in GnuTLS versions prior to 3.6.7, in any API backed by verify_crt(), including... |
Date | Advisory | Package | Type |
---|---|---|---|
05 Apr 2019 | ASA-201904-2 | gnutls | multiple issues |
References |
---|
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html |