Bug 230263 - net-libs/gnutls >=2.3.5 <2.4.1 gnutls_handshake() vulnerabilities (CVE-2008-2377)
Bug#: 230263 (CVE-2008-2377) Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: trivial Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: rbu@gentoo.org
Component: Vulnerabilities
URL:  http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947
Summary: net-libs/gnutls >=2.3.5 <2.4.1 gnutls_handshake() vulnerabilities (CVE-2008-2377)
Keywords:  
Status Whiteboard: ~3? [noglsa]
Opened: 2008-06-30 21:12 0000
Description:   Opened: 2008-06-30 21:12 0000 
** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

Tomas Mraz of RedHat reported an issue in GnuTLS that can lead to a function
dereference of a freed heap structure. Impact is currently under discussion.
This bug was introduced in GnuTLS 2.3.5 and is present in GnuTLS 2.4.0.

Please do not proceed any affected versions for stabling. This only affects our
~arch systems.

------- Comment #1 From Daniel Black 2008-07-01 10:48:22 0000 ------- 
public as per urls
detail http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2948

will do ebuild soon

------- Comment #2 From Daniel Black 2008-07-01 12:45:39 0000 ------- 
gnutls-2.4.1 added
gnutls-2.4.0 and gnutls-2.3.11.ebuild removed

thanks Robert. description from upstream makes it seem though RCE is unlikely
and DoS is fairly sure.

------- Comment #3 From Robert Buchholz 2008-07-01 13:51:55 0000 ------- 
Thanks, closing then.