Information on source package gnutls28

Available versions

ReleaseVersion
jessie3.3.30-0+deb8u2
stretch3.5.8-5+deb9u7
stretch (security)3.5.8-5+deb9u6
buster3.6.7-4+deb10u12
bullseye3.7.1-5+deb11u5
bullseye (security)3.7.1-5+deb11u6
bookworm3.7.9-2+deb12u3
trixie3.8.8-2
sid3.8.8-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-5981vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedA vulnerability was found that the response times to malformed ciphert ...
CVE-2018-16868vulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedfixedfixedfixedA Bleichenbacher type side-channel based padding oracle attack was fou ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
TEMP-0000000-1BAE4DvulnerablefixedfixedfixedfixedfixedfixedGNUTLS-SA-2016-2: certificate verification issue
CVE-2011-3389vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe SSL protocol, as used in certain configurations in Microsoft Windo ...

Resolved issues

BugDescription
CVE-2024-28835A flaw has been discovered in GnuTLS where an application crash can be ...
CVE-2024-28834A flaw was found in GnuTLS. The Minerva attack is a cryptographic vuln ...
CVE-2024-0567A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTL ...
CVE-2024-0553A vulnerability was found in GnuTLS. The response times to malformed c ...
CVE-2023-0361A timing side-channel in the handling of RSA ClientKeyExchange message ...
CVE-2022-2509A vulnerability found in gnutls. This security flaw happens because of ...
CVE-2021-20232A flaw was found in gnutls. A use after free issue in client_send_para ...
CVE-2021-20231A flaw was found in gnutls. A use after free issue in client sending k ...
CVE-2021-4209A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash ...
CVE-2020-24659An issue was discovered in GnuTLS before 3.6.15. A server can trigger ...
CVE-2020-13777GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting ...
CVE-2020-11501GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The e ...
CVE-2019-3836It was discovered in gnutls before version 3.6.7 upstream that there i ...
CVE-2019-3829A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. ...
CVE-2018-10846A cache-based side channel in GnuTLS implementation that leads to plai ...
CVE-2018-10845It was found that the GnuTLS implementation of HMAC-SHA-384 was vulner ...
CVE-2018-10844It was found that the GnuTLS implementation of HMAC-SHA-256 was vulner ...
CVE-2017-7869GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integ ...
CVE-2017-7507GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dere ...
CVE-2017-5337Multiple heap-based buffer overflows in the read_attribute function in ...
CVE-2017-5336Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/op ...
CVE-2017-5335The stream reading functions in lib/opencdk/read-packet.c in GnuTLS be ...
CVE-2017-5334Double free vulnerability in the gnutls_x509_ext_import_proxy function ...
CVE-2016-7444The gnutls_ocsp_resp_check_crt function in lib/x509/ocsp.c in GnuTLS b ...
CVE-2016-4456The "GNUTLS_KEYLOGFILE" environment variable in gnutls 3.4.12 allows r ...
CVE-2015-8313GnuTLS incorrectly validates the first byte of padding in CBC modes
CVE-2015-7575Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozi ...
CVE-2015-6251Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4 ...
CVE-2015-3308Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3. ...
CVE-2015-0294GnuTLS before 3.3.13 does not validate that the signature algorithms m ...
CVE-2015-0282GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature alg ...
CVE-2014-8564The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3. ...
CVE-2014-8155GnuTLS before 2.9.10 does not verify the activation and expiration dat ...
CVE-2014-3566The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...
CVE-2014-3466Buffer overflow in the read_server_hello function in lib/gnutls_handsh ...
CVE-2014-3465The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3. ...
CVE-2014-1959lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 trea ...
CVE-2014-0092lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does ...
CVE-2013-4487Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...
CVE-2013-4466Buffer overflow in the dane_query_tlsa function in the DANE library (l ...
CVE-2013-1619The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, ...
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ...
CVE-2012-1663Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows ...
CVE-2012-1573gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3 ...
CVE-2012-0390The DTLS implementation in GnuTLS 3.0.10 and earlier executes certain ...
CVE-2009-5138GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag ...

Security announcements

DSA / DLADescription
DLA-3875-1gnutls28 - security update
ELA-1090-1gnutls28 - security update
DLA-3740-1gnutls28 - security update
DLA-3660-1gnutls28 - security update
DLA-3321-1gnutls28 - security update
DSA-5349-1gnutls28 - security update
DLA-3070-1gnutls28 - security update
DSA-5203-1gnutls28 - security update
DLA-2759-1gnutls28 - security update
ELA-483-1gnutls28 - security update
DSA-4697-1gnutls28 - security update
DSA-4652-1gnutls28 - security update
DLA-1560-1gnutls28 - security update
DSA-3884-1gnutls28 - security update
DSA-3334-1gnutls28 - security update

Search for package or bug name: Reporting problems