From release notes of 3.7.1: ** libgnutls: Fixed potential use-after-free in sending "key_share" and "pre_shared_key" extensions. When sending those extensions, the client may dereference a pointer no longer valid after realloc. This happens only when the client sends a large Client Hello message, e.g., when HRR is sent in a resumed session previously negotiated large FFDHE parameters, because the initial allocation of the buffer is large enough without having to call realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
Ping
Only 3.7.x is affected which isn't stable.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42cb2c95be07553ccb6c28c1634e8b64602c3fe1 commit 42cb2c95be07553ccb6c28c1634e8b64602c3fe1 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-03-28 06:07:24 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-03-28 06:08:22 +0000 net-libs/gnutls: drop vulnerable version Bug: https://bugs.gentoo.org/775338 Package-Manager: Portage-3.0.17, Repoman-3.0.2 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-libs/gnutls/Manifest | 1 - ...nutls-3.7.0-ignore-duplicate-certificates.patch | 403 --------------------- net-libs/gnutls/gnutls-3.7.0-r1.ebuild | 139 ------- 3 files changed, 543 deletions(-)
Repository is clean, all done.