Oval Definition:	oval:org.opensuse.security:def:90299
Revision Date: 2020-06-09 Version: 1 Title: Security update for gnutls (Important) Description: This update for gnutls fixes the following issues: - CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2 (bsc#1172506). - Fixed an improper handling of certificate chain with cross-signed intermediate CA certificates (bsc#1172461). Family: unix Class: patch Status: Reference(s): 1172461 1172506 CVE-2020-13777 SUSE-SU-2020:1584-1 Platform(s): SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information gnutls-3.6.7-6.29.1 is installed OR libgnutls-devel-3.6.7-6.29.1 is installed OR libgnutls30-3.6.7-6.29.1 is installed OR libgnutls30-32bit-3.6.7-6.29.1 is installed OR libgnutls30-hmac-3.6.7-6.29.1 is installed OR libgnutls30-hmac-32bit-3.6.7-6.29.1 is installed OR libgnutlsxx-devel-3.6.7-6.29.1 is installed OR libgnutlsxx28-3.6.7-6.29.1 is installed
BACK