Bug 230263 (CVE-2008-2377)

Summary:	net-libs/gnutls >=2.3.5 <2.4.1 gnutls_handshake() vulnerabilities (CVE-2008-2377)
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	trivial	CC:	dragonheart
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947
Whiteboard:	~3? [noglsa]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2008-06-30 21:12:11 UTC

** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

Tomas Mraz of RedHat reported an issue in GnuTLS that can lead to a function dereference of a freed heap structure. Impact is currently under discussion.
This bug was introduced in GnuTLS 2.3.5 and is present in GnuTLS 2.4.0.

Please do not proceed any affected versions for stabling. This only affects our ~arch systems.

Comment 1 Daniel Black (RETIRED) gentoo-dev

2008-07-01 10:48:22 UTC

public as per urls
detail http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2948

will do ebuild soon

Comment 2 Daniel Black (RETIRED) gentoo-dev

2008-07-01 12:45:39 UTC

gnutls-2.4.1 added
gnutls-2.4.0 and gnutls-2.3.11.ebuild removed

thanks Robert. description from upstream makes it seem though RCE is unlikely and DoS is fairly sure.

Comment 3 Robert Buchholz (RETIRED) gentoo-dev

2008-07-01 13:51:55 UTC

Thanks, closing then.