rhsa-2014_0594
Vulnerability from csaf_redhat
Published
2014-06-03 16:06
Modified
2024-11-22 08:01
Summary
Red Hat Security Advisory: gnutls security update
Notes
Topic
Updated gnutls packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The GnuTLS library provides support for cryptographic algorithms and for
protocols such as Transport Layer Security (TLS). The gnutls packages also
include the libtasn1 library, which provides Abstract Syntax Notation One
(ASN.1) parsing and structures management, and Distinguished Encoding Rules
(DER) encoding and decoding functions.
A flaw was found in the way GnuTLS parsed session IDs from ServerHello
messages of the TLS/SSL handshake. A malicious server could use this flaw
to send an excessively long session ID value, which would trigger a buffer
overflow in a connecting TLS/SSL client application using GnuTLS, causing
the client application to crash or, possibly, execute arbitrary code.
(CVE-2014-3466)
It was discovered that the asn1_get_bit_der() function of the libtasn1
library incorrectly reported the length of ASN.1-encoded data. Specially
crafted ASN.1 input could cause an application using libtasn1 to perform
an out-of-bounds access operation, causing the application to crash or,
possibly, execute arbitrary code. (CVE-2014-3468)
Multiple incorrect buffer boundary check issues were discovered in
libtasn1. Specially crafted ASN.1 input could cause an application using
libtasn1 to crash. (CVE-2014-3467)
Multiple NULL pointer dereference flaws were found in libtasn1's
asn1_read_value() function. Specially crafted ASN.1 input could cause an
application using libtasn1 to crash, if the application used the
aforementioned function in a certain way. (CVE-2014-3469)
Red Hat would like to thank GnuTLS upstream for reporting these issues.
Upstream acknowledges Joonas Kuorilehto of Codenomicon as the original
reporter of CVE-2014-3466.
Users of GnuTLS are advised to upgrade to these updated packages, which
correct these issues. For the update to take effect, all applications
linked to the GnuTLS or libtasn1 library must be restarted.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated gnutls packages that fix multiple security issues are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GnuTLS library provides support for cryptographic algorithms and for\nprotocols such as Transport Layer Security (TLS). The gnutls packages also\ninclude the libtasn1 library, which provides Abstract Syntax Notation One\n(ASN.1) parsing and structures management, and Distinguished Encoding Rules\n(DER) encoding and decoding functions.\n\nA flaw was found in the way GnuTLS parsed session IDs from ServerHello\nmessages of the TLS/SSL handshake. A malicious server could use this flaw\nto send an excessively long session ID value, which would trigger a buffer\noverflow in a connecting TLS/SSL client application using GnuTLS, causing\nthe client application to crash or, possibly, execute arbitrary code.\n(CVE-2014-3466)\n\nIt was discovered that the asn1_get_bit_der() function of the libtasn1\nlibrary incorrectly reported the length of ASN.1-encoded data. Specially\ncrafted ASN.1 input could cause an application using libtasn1 to perform\nan out-of-bounds access operation, causing the application to crash or,\npossibly, execute arbitrary code. (CVE-2014-3468)\n\nMultiple incorrect buffer boundary check issues were discovered in\nlibtasn1. Specially crafted ASN.1 input could cause an application using\nlibtasn1 to crash. (CVE-2014-3467)\n\nMultiple NULL pointer dereference flaws were found in libtasn1\u0027s\nasn1_read_value() function. Specially crafted ASN.1 input could cause an\napplication using libtasn1 to crash, if the application used the\naforementioned function in a certain way. (CVE-2014-3469)\n\nRed Hat would like to thank GnuTLS upstream for reporting these issues.\nUpstream acknowledges Joonas Kuorilehto of Codenomicon as the original\nreporter of CVE-2014-3466.\n\nUsers of GnuTLS are advised to upgrade to these updated packages, which\ncorrect these issues. For the update to take effect, all applications\nlinked to the GnuTLS or libtasn1 library must be restarted.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0594",
"url": "https://access.redhat.com/errata/RHSA-2014:0594"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1101932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101932"
},
{
"category": "external",
"summary": "1102022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102022"
},
{
"category": "external",
"summary": "1102323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102323"
},
{
"category": "external",
"summary": "1102329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102329"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0594.json"
}
],
"title": "Red Hat Security Advisory: gnutls security update",
"tracking": {
"current_release_date": "2024-11-22T08:01:16+00:00",
"generator": {
"date": "2024-11-22T08:01:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2014:0594",
"initial_release_date": "2014-06-03T16:06:30+00:00",
"revision_history": [
{
"date": "2014-06-03T16:06:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-06-03T16:06:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T08:01:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.i386",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.i386",
"product_id": "gnutls-0:1.4.1-16.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"product": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"product_id": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-16.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"product": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"product_id": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-16.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.x86_64",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.x86_64",
"product_id": "gnutls-0:1.4.1-16.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.src",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.src",
"product_id": "gnutls-0:1.4.1-16.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"product": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"product_id": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-16.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.ia64",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.ia64",
"product_id": "gnutls-0:1.4.1-16.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.s390",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.s390",
"product_id": "gnutls-0:1.4.1-16.el5_10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"product": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"product_id": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-16.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.s390x",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.s390x",
"product_id": "gnutls-0:1.4.1-16.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"product": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"product_id": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-utils@1.4.1-16.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.ppc",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc",
"product_id": "gnutls-0:1.4.1-16.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"product": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"product_id": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-debuginfo@1.4.1-16.el5_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"product": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"product_id": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls-devel@1.4.1-16.el5_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnutls-0:1.4.1-16.el5_10.ppc64",
"product": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc64",
"product_id": "gnutls-0:1.4.1-16.el5_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnutls@1.4.1-16.el5_10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.src",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Client-Workstation-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-devel-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnutls-utils-0:1.4.1-16.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
},
"product_reference": "gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"GnuTLS upstream"
]
},
{
"names": [
"Joonas Kuorilehto"
],
"organization": "Codenomicon",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2014-3466",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2014-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1101932"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3466"
},
{
"category": "external",
"summary": "RHBZ#1101932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101932"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3466",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3466"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3466",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3466"
}
],
"release_date": "2014-05-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-03T16:06:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0594"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)"
},
{
"acknowledgments": [
{
"names": [
"GnuTLS upstream"
]
}
],
"cve": "CVE-2014-3467",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2014-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1102022"
}
],
"notes": [
{
"category": "description",
"text": "Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtasn1: multiple boundary check issues",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3467"
},
{
"category": "external",
"summary": "RHBZ#1102022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3467",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3467"
}
],
"release_date": "2014-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-03T16:06:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0594"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtasn1: multiple boundary check issues"
},
{
"acknowledgments": [
{
"names": [
"GnuTLS upstream"
]
}
],
"cve": "CVE-2014-3468",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2014-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1102323"
}
],
"notes": [
{
"category": "description",
"text": "The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtasn1: asn1_get_bit_der() can return negative bit length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3468"
},
{
"category": "external",
"summary": "RHBZ#1102323",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102323"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3468"
}
],
"release_date": "2014-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-03T16:06:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0594"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtasn1: asn1_get_bit_der() can return negative bit length"
},
{
"acknowledgments": [
{
"names": [
"GnuTLS upstream"
]
}
],
"cve": "CVE-2014-3469",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2014-05-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1102329"
}
],
"notes": [
{
"category": "description",
"text": "The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtasn1: asn1_read_value_type() NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3469"
},
{
"category": "external",
"summary": "RHBZ#1102329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3469",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3469"
}
],
"release_date": "2014-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-06-03T16:06:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0594"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Client-Workstation-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Client-Workstation-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.src",
"5Server-5.10.Z:gnutls-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-debuginfo-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.ppc64",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-devel-0:1.4.1-16.el5_10.x86_64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.i386",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ia64",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.ppc",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.s390x",
"5Server-5.10.Z:gnutls-utils-0:1.4.1-16.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtasn1: asn1_read_value_type() NULL pointer dereference"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.