Synopsis: Important: gnutls security update Advisory ID: SLSA-2014:0594-1 Issue Date: 2014-06-03 CVE Numbers: CVE-2014-3466 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 -- A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) For the update to take effect, all applications linked to the GnuTLS or libtasn1 library must be restarted. -- SL5 x86_64 gnutls-1.4.1-16.el5_10.i386.rpm gnutls-1.4.1-16.el5_10.x86_64.rpm gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm gnutls-debuginfo-1.4.1-16.el5_10.x86_64.rpm gnutls-utils-1.4.1-16.el5_10.x86_64.rpm gnutls-devel-1.4.1-16.el5_10.i386.rpm gnutls-devel-1.4.1-16.el5_10.x86_64.rpm i386 gnutls-1.4.1-16.el5_10.i386.rpm gnutls-debuginfo-1.4.1-16.el5_10.i386.rpm gnutls-utils-1.4.1-16.el5_10.i386.rpm gnutls-devel-1.4.1-16.el5_10.i386.rpm - Scientific Linux Development Team