Summary: | <net-libs/gnutls-3.6.15: Null-pointer deref in TLS 1.3 client (CVE-2020-24659) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | base-system |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://gitlab.com/gnutls/gnutls/-/issues/1071 | ||
Whiteboard: | A3 [glsa+ cve] | ||
Package list: |
net-libs/gnutls-3.6.15
|
Runtime testing required: | --- |
Description
Sam James
![]() ![]() ![]() ![]() Please bump to 3.6.15. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=807088725f04adee3a1e0ed9a8b41d8d647262b3 commit 807088725f04adee3a1e0ed9a8b41d8d647262b3 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-09-04 15:28:14 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-09-04 16:13:47 +0000 net-libs/gnutls: bump to v3.6.15 Bug: https://bugs.gentoo.org/649396 Bug: https://bugs.gentoo.org/711104 Bug: https://bugs.gentoo.org/740390 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-libs/gnutls/Manifest | 1 + .../gnutls-3.6.15-skip-dtls-seccomp-tests.patch | 26 ++++ net-libs/gnutls/gnutls-3.6.15.ebuild | 134 +++++++++++++++++++++ 3 files changed, 161 insertions(+) Thanks. Let us know when ready to stable. x86 stable amd64 done arm64 done arm done This issue was resolved and addressed in GLSA 202009-01 at https://security.gentoo.org/glsa/202009-01 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for remaining architectures. arm done ppc, ppc64 stable hppa stable sparc stable s390 stable. Maintainer(s), please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5d7af8385b56e3b113c42f2f01db52d90bdb650f commit 5d7af8385b56e3b113c42f2f01db52d90bdb650f Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2020-09-18 10:11:07 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2020-09-18 10:30:04 +0000 net-libs/gnutls: Security cleanup Bug: https://bugs.gentoo.org/740390 Package-Manager: Portage-3.0.7, Repoman-3.0.1 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> net-libs/gnutls/Manifest | 1 - net-libs/gnutls/gnutls-3.6.14.ebuild | 132 ----------------------------------- 2 files changed, 133 deletions(-) |