Security update for gnutls SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:0077-1 Final 1 1 2016-01-11T15:41:07Z current 2016-01-11T15:41:07Z 2016-01-11T15:41:07Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gnutls This update for gnutls fixes the following security issues: - CVE-2015-8313: First byte of the padding in CBC mode is not checked (bsc#957568) - CVE-2015-2806: Two-byte stack overflow in asn1_der_decoding (bsc#924828) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-gnutls-12312,sdksp4-gnutls-12312,sledsp3-gnutls-12312,sledsp4-gnutls-12312,slehasp3-gnutls-12312,slehasp4-gnutls-12312,slessp3-gnutls-12312,slessp4-gnutls-12312 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20160077-1/ Link for SUSE-SU-2016:0077-1 https://lists.suse.com/pipermail/sle-security-updates/2016-January/001791.html E-Mail link for SUSE-SU-2016:0077-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/924828 SUSE Bug 924828 https://bugzilla.suse.com/947271 SUSE Bug 947271 https://bugzilla.suse.com/957568 SUSE Bug 957568 https://www.suse.com/security/cve/CVE-2015-2806/ SUSE CVE CVE-2015-2806 page https://www.suse.com/security/cve/CVE-2015-8313/ SUSE CVE CVE-2015-8313 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 libgnutls-devel-2.4.1-24.39.60.1 libgnutls-extra-devel-2.4.1-24.39.60.1 libgnutls-extra26-2.4.1-24.39.60.1 gnutls-2.4.1-24.39.60.1 libgnutls26-2.4.1-24.39.60.1 libgnutls26-32bit-2.4.1-24.39.60.1 libgnutls26-x86-2.4.1-24.39.60.1 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise High Availability Extension 11 SP3 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise High Availability Extension 11 SP4 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3 libgnutls26-x86-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libgnutls26-x86-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 libgnutls26-x86-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libgnutls26-x86-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 gnutls-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libgnutls26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libgnutls26-32bit-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libgnutls26-x86-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libgnutls-devel-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libgnutls-extra-devel-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 libgnutls-devel-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libgnutls-extra-devel-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libgnutls-extra26-2.4.1-24.39.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors. CVE-2015-2806 SUSE Linux Enterprise Desktop 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise High Availability Extension 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-extra-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-extra-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160077-1/ https://www.suse.com/security/cve/CVE-2015-2806.html CVE-2015-2806 https://bugzilla.suse.com/924828 SUSE Bug 924828 https://bugzilla.suse.com/929414 SUSE Bug 929414 https://bugzilla.suse.com/961491 SUSE Bug 961491 https://bugzilla.suse.com/969208 SUSE Bug 969208 GnuTLS incorrectly validates the first byte of padding in CBC modes CVE-2015-8313 SUSE Linux Enterprise Desktop 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Desktop 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise High Availability Extension 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise High Availability Extension 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP3:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server 11 SP4:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:gnutls-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-32bit-2.4.1-24.39.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libgnutls26-x86-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-extra-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP3:libgnutls-extra26-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-extra-devel-2.4.1-24.39.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libgnutls-extra26-2.4.1-24.39.60.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160077-1/ https://www.suse.com/security/cve/CVE-2015-8313.html CVE-2015-8313 https://bugzilla.suse.com/957568 SUSE Bug 957568