Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
SUSE-SU-2020:2864-2 | Mondoo Vulnerability Intelligence
Vulnerability Intelligence
SUSE-SU-2020:2864-2
SUSE-SU-2020:2864-2
UNKNOWN
Security update for gnutls
Published Jul 14, 2022
Modified 3 years ago
Fix available
Details
This update for gnutls fixes the following issues:
Fix heap buffer overflow in handshake with no_renegotiation alert sent (CVE-2020-24659 bsc#1176181)
FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086)
FIPS: Use 2048 bit prime in DH selftest (bsc#1176086)
FIPS: Add TLS KDF selftest (bsc#1176671)
Affected Packages
gnutls
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls-devel
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls-devel-32bit
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls30
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls30-32bit
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls30-hmac
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutls30-hmac-32bit
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutlsxx-devel
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
libgnutlsxx28
SUSE Linux Enterprise Module for Certifications 15 SP3
Fixed in:
3.6.7-14.4.1
References
REPORT
https://bugzilla.suse.com/1176086
REPORT
https://bugzilla.suse.com/1176181
REPORT
https://bugzilla.suse.com/1176671
WEB
https://www.suse.com/security/cve/CVE-2020-24659
ADVISORY
https://www.suse.com/support/update/announcement/2020/suse-su-20202864-2/
Upstream
CVE-2020-24659
Related
CVE-2020-24659
Ecosystems
SUSE Linux Enterprise Module for Certifications 15 SP3
Timeline
Published
Jul 14, 2022
Modified
Jul 14, 2022