MGASA-2017-0053

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2017-0053.html
Import Source
https://advisories.mageia.org/MGASA-2017-0053.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2017-0053
Related
Published
2017-02-20T13:00:19Z
Modified
2017-02-20T09:19:53Z
Summary
Updated gnutls packages fix security vulnerability
Details

Remote denial of service in SSL alert handling. (CVE-2016-8610)

In gnutlsx509extimportproxy: if the language was set but the policy wasn't, that could lead to a double free. (CVE-2017-5334)

Decoding a specially crafted OpenPGP certificate could have lead to heap and stack overflows. (CVE-2017-5335, CVE-2017-5336 and CVE-2017-5337)

References
Credits

Affected packages

Mageia:5 / gnutls

Package

Name
gnutls
Purl
pkg:rpm/mageia/gnutls?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.2.21-1.3.mga5

Ecosystem specific 

{
    "section": "core"
}