Mandriva: Subject: [Security Announce] [ MDVSA-2008:227 ] gnutls

Mandriva: Subject: [Security Announce] [ MDVSA-2008:227 ] gnutls
BugsAlert Home > Mandriva: Subject: [Security Announce] [ MDVSA-2008:227 ] gnutls




LinuxSecurity.com: Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates (CVE-2008-4989). The updated packages have been patched to correct this issue. Original Source: http://www.linuxsecurity.com/content/view/144193?rdf Learn more about Mandriva: Subject: [Security Announce] [ MDVSA-2008:227 ] gnutls


Tags: mandriva subject security announce mdvsa-2008 227 gnutls

Related Items
Mandriva: Subject: [Security Announce] [ MDVSA-2008:237 ] apache2
FrSIRT - RoomPHPlanning SQL Injection and Admin Account Creation Issues
GForge Insecure Temporary Files
Webshag v1.00 - Web Server Auditing Tool (Scanner and File Fuzzer)
Slackware update for ruby
FrSIRT - Claroline Multiple SQL Injection and Cross Site Scripting Vulnerabilities
Holidays for Hackers