Novell Home

CVE-2014-0092

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-0092 at MITRE

Description

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

NVD CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Novell/SUSE information

Novell Bugzilla entry: 865804

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Server 11 SP1
  • gnutls-debuginfo >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8948
SLE 11 SP1 DEBUGINFO
  • gnutls-debuginfo >= 2.4.1-24.39.49.1
  • gnutls-debugsource >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8951
SUSE Linux Enterprise Server 11 SP1 LTSS
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8951
SUSE Linux Enterprise Server 11 SP1 LTSS
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-32bit >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8951
SUSE Linux Enterprise 10 SP4 DEBUGINFO for AMD64 and Intel EM64T
SUSE Linux Enterprise 10 SP4 DEBUGINFO for IBM zSeries 64bit
SUSE Linux Enterprise 10 SP4 DEBUGINFO for x86
  • gnutls-debuginfo >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8790
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • gnutls >= 1.2.10-13.38.1
  • gnutls-devel >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8790
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • gnutls >= 1.2.10-13.38.1
  • gnutls-32bit >= 1.2.10-13.38.1
  • gnutls-devel >= 1.2.10-13.38.1
  • gnutls-devel-32bit >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8790
SUSE Manager 1.7 for SLE 11 SP2
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-32bit >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 9028
SUSE Linux Enterprise Server 10 SP3 DEBUGINFO
  • gnutls-debuginfo >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8789
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • gnutls >= 1.2.10-13.38.1
  • gnutls-devel >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8789
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • gnutls >= 1.2.10-13.38.1
  • gnutls-32bit >= 1.2.10-13.38.1
  • gnutls-devel >= 1.2.10-13.38.1
  • gnutls-devel-32bit >= 1.2.10-13.38.1
Builds
ZYPP Patch Nr: 8789
SLE 11 SP3 DEBUGINFO
  • gnutls-debuginfo >= 2.4.1-24.39.49.1
  • gnutls-debugsource >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise High Availability Extension 11 SP3
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libgnutls-devel >= 2.4.1-24.39.49.1
  • libgnutls-extra-devel >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Desktop 11 SP3
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Desktop 11 SP3
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-32bit >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Server 11 SP3
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-x86 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-32bit >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8949
SUSE CORE 9 for AMD64 and Intel EM64T
  • gnutls >= 1.0.8-26.34
  • gnutls-devel >= 1.0.8-26.34
Builds
YOU Patch Nr: 12995
SLE 11 SP2 DEBUGINFO
  • gnutls-debuginfo >= 2.4.1-24.39.49.1
  • gnutls-debugsource >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8950
SUSE Linux Enterprise Server 11 SP2 LTSS
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8950
SUSE Linux Enterprise Server 11 SP2 LTSS
  • gnutls >= 2.4.1-24.39.49.1
  • libgnutls-extra26 >= 2.4.1-24.39.49.1
  • libgnutls26 >= 2.4.1-24.39.49.1
  • libgnutls26-32bit >= 2.4.1-24.39.49.1
Builds
SAT Patch Nr: 8950
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for x86
  • gnutls >= 1.0.8-26.30
  • gnutls-devel >= 1.0.8-26.30
Builds
YOU Patch Nr: 12996

© 2014 Novell