Bug 40412 - gnutls26: Multiple issues (4.1)
gnutls26: Multiple issues (4.1)
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.1
Other Linux
: P5 normal (vote)
: UCS 4.1-0-errata
Assigned To: Daniel Tröder
Philipp Hahn
Depends on:
Blocks: 40411
  Show dependency treegraph
Reported: 2016-01-11 14:17 CET by Arvid Requate
Modified: 2017-02-21 00:42 CET (History)
2 users (show)

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
requate: Patch_Available+


Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2016-01-11 14:17:55 CET
+++ This bug was initially created as a clone of Bug #40411 +++

Upstream Debian package version 2.12.20-8+deb7u5 fixes the following issues:

* fail to check the first byte of the padding in CBC modes (CVE-2015-8313)

* SLOTH: Security Losses from Obsolete and Truncated Transcript Hashes (CVE-2015-7575)
Comment 1 Daniel Tröder univentionstaff 2016-01-28 09:57:33 CET
repo_admin.py -U -r 4.1-0-0 -s errata4.1-0 -d wheezy -p gnutls26

Advisory (gnutls26.yaml): r67033
Comment 2 Philipp Hahn univentionstaff 2016-02-01 12:58:01 CET
OK: DEBIAN_FRONTEND=noninteractive aptitude -y install '?source-package(gnutls26)~i' # 2.12.20-8.29.201601280925
OK: UCS-4.0 < UCS-4.1
OK: apt-get install gnutls-bin
OK: apt-get install libgnutls26-dbg
OK: apt-get install gnutls26-doc
OK: apt-get install libgnutls-openssl27
OK: apt-get install libgnutlsxx27
OK: apt-get install guile-gnutls # unmaintained=yes
OK: apt-get install libgnutls-dev # unmaintained=yes

OK: amd64

OK: elinks http://google.de/
OK: gnutls-cli mail.univention.de -p submission -s --insecure
OK: ldapsearch -H "ldap://$(ucr get ldap/master)" -b "$(ucr get ldap/base)" -D "$(ucr get ldap/hostdn)" -y /etc/machine.secret -ZZ -LLL uid=Administrator uid

OK: zless /usr/share/doc/libgnutls26/changelog.Debian.gz
OK: CVE-2015-8313
OK: CVE-2015-7575
FIXED: gnutls26.yaml r67096
OK: errata-announce -VVBB --only gnutls26.yaml
Comment 3 Janek Walkenhorst univentionstaff 2016-02-04 13:45:34 CET