[Bug 505494] New: GnuTls appears to be down level version on OpenSuse 11.1
http://bugzilla.novell.com/show_bug.cgi?id=505494 Summary: GnuTls appears to be down level version on OpenSuse 11.1 Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: i686 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: noloader@gmail.com QAContact: qa@suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042700 SUSE/3.0.10-1.1.1 Firefox/3.0.10 OpenSuse 11.1 appears to carry version 2.4.1. GnuTls recommends version 2.6.6. Included in the current version is a double free fix (CVE-2009-1415) and DSA key corruption fix (CVE-2009-1416). gnutls-cli --version gnutls-cli (GnuTLS) 2.4.1 [1] http://www.gnu.org/software/gnutls/security.html Reproducible: Always Steps to Reproduce: N/A Actual Results: N/A Expected Results: N/A N/A -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=505494 User krahmer@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=505494#c1 Sebastian Krahmer <krahmer@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE --- Comment #1 from Sebastian Krahmer <krahmer@novell.com> 2009-05-20 00:42:10 MDT --- duplicate *** This bug has been marked as a duplicate of bug 497886 *** http://bugzilla.novell.com/show_bug.cgi?id=497886 -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=505494 User noloader@gmail.com added comment http://bugzilla.novell.com/show_bug.cgi?id=505494#c2 --- Comment #2 from Jeffrey Walton <noloader@gmail.com> 2009-05-20 00:48:34 MDT --- Created an attachment (id=293198) --> (http://bugzilla.novell.com/attachment.cgi?id=293198) Access Denied Sorry guys... Searching Bugzilla did not turn up any issues. When Sebastian pointed out a duplicate, visiting the original bug resulted in the attached. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=505494 User meissner@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=505494#c3 --- Comment #3 from Marcus Meissner <meissner@novell.com> 2009-05-20 09:30:17 MDT --- gnutls 2.4.1 is btw not affected by the security issues in above CVEs. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=505494 User thomas@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=505494#c4 Thomas Biege <thomas@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |CVE-2009-1416: CVSS v2 Base | |Score: 7.5 | |(AV:N/AC:L/Au:N/C:P/I:P/A:P | |) --- Comment #4 from Thomas Biege <thomas@novell.com> 2009-10-13 20:33:43 MDT --- CVE-2009-1416: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com