'[slackware-security] gnutls (SSA:2013-242-01)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    [slackware-security]  gnutls (SSA:2013-242-01)
From:       Slackware Security Team <security () slackware ! com>
Date:       2013-08-30 7:46:14
Message-ID: alpine.LNX.2.02.1308300045550.22777 () connie ! slackware ! com
[Download RAW message or body]


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  gnutls (SSA:2013-242-01)

New gnutls packages are available for Slackware 14.0, and -current to fix a
security issue.


Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/gnutls-3.0.26-i486-1_slack14.0.txz:  Upgraded.
  This update prevents a side-channel attack which may allow remote attackers
  to conduct distinguishing attacks and plaintext recovery attacks using
  statistical analysis of timing data for crafted packets.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnutls-3.0.26-i486-1_slack14.0.txz


Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnutls-3.0.26-x86_64-1_slack14.0.txz


Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnutls-3.0.26-i486-1.txz


Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnutls-3.0.26-x86_64-1.txz



MD5 signatures:
+-------------+

Slackware 14.0 package:
b4871658060b56ee03e2d04a9d5b96e4  gnutls-3.0.26-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
976ca3bf65238d75a027cb2203cf9612  gnutls-3.0.26-x86_64-1_slack14.0.txz

Slackware -current package:
16e99934d07c8aab09016e0cb2c6cfa1  n/gnutls-3.0.26-i486-1.txz

Slackware x86_64 -current package:
dffa995fb8369f1c7afd7342dd31697e  n/gnutls-3.0.26-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gnutls-3.0.26-i486-1_slack14.0.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
> To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
> Send an email to majordomo@slackware.com with this text in the body of |
> the email message:                                                     |
> > 
> unsubscribe slackware-security                                       |
> > 
> You will get a confirmation message back containing instructions to    |
> complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iEYEARECAAYFAlIgQbIACgkQakRjwEAQIjMpUgCeIapFXShUhqZ6tHE8WRh9nd47
MxQAnRMdKQqpWs44rlJ91xeZHNM4lb3W
=UAHe
-----END PGP SIGNATURE-----


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic