Solution
Please Install the Updated Packages.
Insight
Flaws discovered in versions prior to 2.2.4 (stable) and 2.3.10 (development) of GnuTLS allow an attacker to cause denial of service (application crash), and maybe (so far undetermined) execute arbitrary code.
The updated packages have been patched to fix these flaws.
Note that any applications using this library must be restarted for the update to take effect.
Affected
gnutls on Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64,
Mandriva Linux 2008.1,
Mandriva Linux 2008.1/X86_64
Severity
Classification
-
CVE CVE-2008-1948, CVE-2008-1949, CVE-2008-1950 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities