Summary: | <net-libs/gnutls-{3.3.10,3.2.20}: Denial of Service (heap corruption) (CVE-2014-8564) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alonbl, crypto+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Kristian Fiskerstrand (RETIRED)
2014-11-10 14:43:46 UTC
Whiteboard set to ?3 until it can be determined whether this affects stable (B3) or only unstable packages (~3). ECC code was added in the 3.x series. So our stable version is not affected. +*gnutls-3.3.10 (10 Nov 2014) +*gnutls-3.2.20 (10 Nov 2014) + + 10 Nov 2014; Alon Bar-Lev <alonbl@gentoo.org> +gnutls-3.2.20.ebuild, + +gnutls-3.3.10.ebuild, -gnutls-3.2.18.ebuild, -gnutls-3.3.8.ebuild, + -gnutls-3.3.9.ebuild: + Version bump + cleanup, bug#528824 Thank you for swift bump and cleanup. No stable versions, closing noglsa |