[Tails-dev] Fwd: gnutls26 security update

Poista viesti

Vastaa
Lähettäjä: intrigeri
Päiväys:  
Vastaanottaja: tails-dev
Aihe: [Tails-dev] Fwd: gnutls26 security update
hi,

we might want to add the Squeeze LTS sources for 1.0.1,
to get e.g. this security fix.

anonym, and anyone else wanting to help with the RM duty, you'll
definitely want to subscribe to the debian-lts-announce list.

Package : gnutls26
Version        : 2.8.6-1+squeeze4
CVE ID         : CVE-2014-3466


Joonas Kuorilehto discovered that GNU TLS performed insufficient
validation of session IDs during TLS/SSL handshakes. A malicious
server could use this to execute arbitrary code or perform denial
or service.

--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc