CVE-2017-7507 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-295 | lib32-gnutls | 3.4.15-1 | 3.5.13-1 | Medium | Fixed | |
AVG-294 | gnutls | 3.5.12-1 | 3.5.13-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
11 Jul 2017 | ASA-201707-6 | AVG-295 | lib32-gnutls | Medium | denial of service |
13 Jun 2017 | ASA-201706-12 | AVG-294 | gnutls | Medium | denial of service |
References |
---|
https://www.gnutls.org/security.html#GNUTLS-SA-2017-4 https://bugzilla.redhat.com/show_bug.cgi?id=1454621 |