lib32-gnutls
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | A library which provides a secure layer over a reliable transport layer (32-bit) |
Version | 3.8.8-1 [multilib] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-295 | 3.4.15-1 | 3.5.13-1 | Medium | Fixed | |
AVG-17 | 3.4.14-1 | 3.4.15-1 | Medium | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2017-7507 | AVG-295 | Medium | Yes | Denial of service | GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could... |
CVE-2016-7444 | AVG-17 | Medium | Yes | Certificate verification bypass | Incorrect length validation on gnutls's gnutls_ocsp_resp_check_crt method can allow an attacker to use a OCSP response for a different certificate (but from... |
Advisories
Date | Advisory | Group | Severity | Type |
---|---|---|---|---|
11 Jul 2017 | ASA-201707-6 | AVG-295 | Medium | denial of service |
26 Sep 2016 | ASA-201609-26 | AVG-17 | Medium | certificate verification bypass |