Oval Definition:oval:com.redhat.rhsa:def:20080982
Revision Date:2008-11-11Version:640
Title:RHSA-2008:0982: gnutls security update (Moderate)
Description:The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS).

  • Martin von Gagern discovered a flaw in the way GnuTLS verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications using the GnuTLS library to trust invalid certificates. (CVE-2008-4989)

    Users of GnuTLS are advised to upgrade to these updated packages, which contain a backported patch that corrects this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-4989
    RHSA-2008:0982
    RHSA-2008:0982-01
    RHSA-2008:0982-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • gnutls is earlier than 0:1.4.1-3.el5_2.1
  • AND gnutls is signed with Red Hat redhatrelease2 key
  • gnutls-devel is earlier than 0:1.4.1-3.el5_2.1
  • AND gnutls-devel is signed with Red Hat redhatrelease2 key
  • gnutls-utils is earlier than 0:1.4.1-3.el5_2.1
  • AND gnutls-utils is signed with Red Hat redhatrelease2 key
    • BACK