| Summary: | gnutls new security issue CVE-2023-0361 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, geiger.david68210, herman.viaene, sysadmin-bugs, tomhiddleston23c, zetisonapi |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | gnutls-3.7.8-2.mga9.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2023-02-15 17:44:10 CET
David Walser
2023-02-15 17:44:20 CET
Whiteboard:
(none) =>
MGA8TOO This pkg has various maintainers, so assigning this update globally. Assignee:
bugsquad =>
pkg-bugs Debian-LTS has issued an advisory for this on February 18: https://www.debian.org/lts/security/2023/dla-3321 Done for both mga8 and Cauldron! CC:
(none) =>
geiger.david68210 Cauldron updated to 3.8.0 and Mageia 8 patched. Thanks! libgnutls30-3.6.15-3.4.mga8 gnutls-3.6.15-3.4.mga8 libgnutls-devel-3.6.15-3.4.mga8 libgnutlsxx28-3.6.15-3.4.mga8 from gnutls-3.6.15-3.4.mga8.src.rpm Whiteboard:
MGA8TOO =>
(none) MGA8-64 MATE on Acer Aspire 5253 No installation issues. Ref bug 29021 Comment 4 $ gnutls-cli mach1 Processed 140 CA certificate(s). Resolving 'mach1:443'... Connecting to '192.168.2.1:443'... - Certificate type: X.509 - Got a certificate list of 1 certificates. - Certificate[0] info: - subject `EMAIL=root@localhost,OU=default httpd cert for localhost,CN=localhost', issuer `EMAIL=root@localhost,OU=default httpd cert for localhost,CN=localhost', serial 0x2b26b631453768c44ab1a432961d780848570faf, RSA key 2048 bits, signed using RSA-SHA256, activated `2021-04-06 11:45:22 UTC', expires `2022-04-06 11:45:22 UTC', pin-sha256="pvMLJ62KvViacXZFR/MDuWiWbWIvZhmbUIkRWjW08nA=" Public Key ID: sha1:0a76055c20ef7bac21648d9fe12caa4928c82799 sha256:a6f30b27ad8abd589a71764547f303b968966d622f66199b5089115a35b4f270 Public Key PIN: pin-sha256:pvMLJ62KvViacXZFR/MDuWiWbWIvZhmbUIkRWjW08nA= - Status: The certificate is NOT trusted. The certificate issuer is unknown. The certificate chain uses expired certificate. The name in the certificate does not match the expected. *** PKI verification of server certificate failed... *** Fatal error: Error in the certificate. $ gnutls-serv Warning: no private key and certificate pairs were set. HTTP Server listening on IPv4 0.0.0.0 port 5556...done HTTP Server listening on IPv6 :: port 5556...done pointing the browser to http://localhost:5556/ and got some binary data as an answer. at the CLI got this feedback: * Accepted connection from IPv4 127.0.0.1 port 48666 on Tue Feb 21 10:40:56 202 |<0x1839b00>| Received record packet of unknown type 71 Error in handshake: An unexpected TLS packet was received. * Accepted connection from IPv4 127.0.0.1 port 48674 on Tue Feb 21 10:40:56 202 |<0x1839b00>| Received record packet of unknown type 71 Error in handshake: An unexpected TLS packet was received. All inline with refered previous bug, so OK. CC:
(none) =>
herman.viaene Validating. Keywords:
(none) =>
validated_update
Dave Hodgins
2023-02-25 20:03:42 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0067.html Resolution:
(none) =>
FIXED This update never actually got pushed. Status:
RESOLVED =>
REOPENED Fixed. Resolution:
(none) =>
FIXED Some video games can be educational. They can teach players about history, science, and other subjects. https://geometrydashfree.io CC:
(none) =>
zetisonapi Not just competition on the field, https://basketball-stars.live also brings players to diverse arenas. From international tournaments to unique duels, the game explores and challenges the limits of basketball skill and strategy. CC:
(none) =>
tomhiddleston23c |