Boletines de Vulnerabilidades |
DSA-3408 gnutls26 - security update |
|
Información sobre el sistema |
|
Software afectado | Debian |
Descripción |
|
It was discovered that GnuTLS, a library implementing the TLS and SSLprotocols, incorrectly validates the first byte of padding in CBC modes.A remote attacker can possibly take advantage of this flaw to perform apadding oracle attack. More info: https://www.debian.org/security/2015/dsa-3408 |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CVE-2015-8313 and DSA-3408. |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Advisory issued | 2015-12-02 |