1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • GnuTLS vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, April 07, 2020 12:10:01
    gnutls28 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10

    Summary

    GnuTLS could expose sensitive information over the network.

    Software Description

    * gnutls28 - GNU TLS library

    Details

    It was discovered that GnuTLS incorrectly handled randomness when
    performing DTLS negotiation. A remote attacker could possibly use
    this issue to obtain sensitive information, contrary to
    expectations.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    libgnutls30 - 3.6.9-5ubuntu1.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-11501

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Friday, June 05, 2020 16:10:01
    gnutls28 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10

    Summary

    GnuTLS could be made to expose sensitive information.

    Software Description

    * gnutls28 - GNU TLS library

    Details

    It was discovered that GnuTLS incorrectly handled session ticket
    encryption keys. A remote attacker could possibly use this issue
    to bypass authentication or recover sensitive information.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libgnutls30 - 3.6.13-2ubuntu1.1

    Ubuntu 19.10
    libgnutls30 - 3.6.9-5ubuntu1.2

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-13777

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, September 09, 2020 08:10:01
    gnutls28 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS

    Summary

    GnuTLS could be made to crash or run programs if it received
    specially crafted network traffic.

    Software Description

    * gnutls28 - GNU TLS library

    Details

    It was discovered that GnuTLS incorrectly handled certain alerts
    when being used with TLS 1.3 servers. A remote attacker could use
    this issue to cause GnuTLS to crash, resulting in a denial of
    service, or possibly execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libgnutls30 - 3.6.13-2ubuntu1.3

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-24659

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)