[slackware-security] gnutls (SSA:2020-155-01)
New gnutls packages are available for Slackware 14.2 and -current to fix security issues.
Läs mer...Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gnutls-3.6.14-i586-1_slack14.2.txz: Upgraded. Fixed insecure session ticket key construction, since 3.6.4. The TLS server would not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2. [GNUTLS-SA-2020-06-03, CVSS: high] (* Security fix *)
+--------------------------+
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-68.9.0esr-i686-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ (* Security fix *) +--------------------------+
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering