Oval Definition:	oval:com.redhat.rhsa:def:20130588
Revision Date: 2013-03-04 Version: 636 Title: RHSA-2013:0588: gnutls security update (Moderate) Description: The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-1619) Users of GnuTLS are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all applications linked to the GnuTLS library must be restarted, or the system rebooted. Family: unix Class: patch Status: Reference(s): CVE-2013-1619 CVE-2013-1619 RHSA-2013:0588 RHSA-2013:0588-01 RHSA-2013:0588-01 Platform(s): Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 5 is installed AND gnutls is earlier than 0:1.4.1-10.el5_9.1 AND gnutls is signed with Red Hat redhatrelease2 key gnutls-devel is earlier than 0:1.4.1-10.el5_9.1 AND gnutls-devel is signed with Red Hat redhatrelease2 key gnutls-utils is earlier than 0:1.4.1-10.el5_9.1 AND gnutls-utils is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 6 is installed AND gnutls is earlier than 0:2.8.5-10.el6_4.1 AND gnutls is signed with Red Hat redhatrelease2 key gnutls-devel is earlier than 0:2.8.5-10.el6_4.1 AND gnutls-devel is signed with Red Hat redhatrelease2 key gnutls-guile is earlier than 0:2.8.5-10.el6_4.1 AND gnutls-guile is signed with Red Hat redhatrelease2 key gnutls-utils is earlier than 0:2.8.5-10.el6_4.1 AND gnutls-utils is signed with Red Hat redhatrelease2 key
BACK