update: gnutls #1277

dongsupark · 2023-12-04T09:59:20Z

Name: gnutls
CVEs: CVE-2023-5981
CVSSs: 5.9
Action Needed: update to >= 3.8.2

Summary: A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

refmap.gentoo: https://bugs.gentoo.org/918663

dongsupark added security security concerns advisory security advisory labels Dec 4, 2023

github-project-automation bot added this to Flatcar tactical, release planning, and roadmap Dec 4, 2023

github-project-automation bot moved this to 📝 Needs Triage in Flatcar tactical, release planning, and roadmap Dec 4, 2023

dongsupark moved this from 📝 Needs Triage to 🪵Backlog in Flatcar tactical, release planning, and roadmap Dec 4, 2023

dongsupark added the cvss/MEDIUM >= 4 && < 7 assessed CVSS label Dec 8, 2023

github-actions bot mentioned this issue Dec 22, 2023

Monthly contributions report 2023-11-22 - 2023-12-21 #1305

Closed

krnowak mentioned this issue Jan 5, 2024

Weekly portage-stable package updates 2024-01-01 flatcar/scripts#1535

Merged

2 tasks

dongsupark moved this from 🪵Backlog to ⚒️ In Progress in Flatcar tactical, release planning, and roadmap Jan 9, 2024

krnowak closed this as completed in flatcar/scripts#1535 Jan 11, 2024

github-project-automation bot moved this from ⚒️ In Progress to Implemented in Flatcar tactical, release planning, and roadmap Jan 11, 2024

github-actions bot mentioned this issue Jan 22, 2024

Monthly contributions report 2023-12-22 - 2024-01-21 #1327

Closed

dongsupark removed this from Flatcar tactical, release planning, and roadmap Jul 3, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

update: gnutls #1277

update: gnutls #1277

dongsupark commented Dec 4, 2023 •

edited

Loading

update: gnutls #1277

update: gnutls #1277

Comments

dongsupark commented Dec 4, 2023 • edited Loading

dongsupark commented Dec 4, 2023 •

edited

Loading