Two GnuTLS Bugfix Releases

May 21, 2008

The GnuTLS project has published two bugfix releases to close several vulnerabilities and resolve an error capable of interrupting connections.

The developers closed down three security holes in the GnuTLS encryption library in version 2.2.4, however, the release introduced a new bug. According to security researchers Secunia, the vulnerabilities closed by the 2.2.4 release were extremely critical.

Attackers could exploit the three bugs to perform denial of service attacks: a sign error in the "_gnutls_ciphertext2compressed()" function, which is part of the "lib/gnutls_cipher.c" library, led to a read/write error capable of crashing applications affected by it. Two further errors occurred in "Client Hello" message processing – attackers could exploit the first error by injecting a manipulated "Server Name" extension to trigger a heap based buffer overflow which could then be exploited to execute arbitrary code. The second error was a null pointer dereference that could cause the application to crash. All of these vulnerabilities were confirmed for all GnuTLS versions prior to 2.2.4.

Version 2.2.5 published the same day removes errors introduced by the developers in 2.2.4, mainly a bug that caused interruptions to service.

The stable release and patches for older versions are available for downloading from various mirror servers. For more information on the vulnerabilities by the developers themselves, visit the GnuTLS website.

Related content

comments powered by Disqus

Issue 237/2020

Buy this issue as a PDF

Digital Issue: Price $12.99
(incl. VAT)

News

Tag Cloud

Administration Community Desktop Events Hardware Linux Linux Pro Magazine Mobile Programming Software Ubuntu Web Development Windows free software open source