Slackware Advisory SSA:2008-315-01 Gnutls Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2008-315-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2008-315-01

Insight

New gnutls packages are available for Slackware 12.0, 12.1, and -current to fix a security issue. NOTE: The package for 12.0 has a different shared library soname, and the packages for 12.1 and -current have an API/ABI change. Only the Pidgin package in Slackware links with GnuTLS, and upgraded Pidgin packages have also been made available. However, if the updated GnuTLS package is installed any other custom-compiled software that uses GnuTLS may need to be recompiled. More details about this issue will become available in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4989

Severity

Classification

CVE CVE-2008-4989

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Slackware Advisory SSA:2003-141-06 quotacheck security fix in rc.M
Slackware Advisory SSA:2005-255-01 dhcpcd DoS
Slackware Advisory SSA:2006-045-06 openssh
Slackware Advisory SSA:2005-203-05 fetchmail
Slackware Advisory SSA:2005-311-01 elm mailer

Slackware Advisory SSA:2008-315-01 gnutls

Take action and discover your vulnerabilities