Security update for gnutls
|References:||#835760 #865804 #865993|
An update that solves two vulnerabilities and has one errata is now available.
The GNUTLS library received a critical security fix and
* CVE-2014-0092: The X.509 certificate verification had
incorrect error handling, which could lead to broken
certificates marked as being valid.
* CVE-2009-5138: A verification problem in handling V1
certificates could also lead to V1 certificates incorrectly
Additionally, a memory leak in PSK authentication was
Security Issues references:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.7 for SLE 11 SP2:
zypper in -t patch sleman17sp2-gnutls-9028
To bring your system up-to-date, use "zypper patch".
- SUSE Manager 1.7 for SLE 11 SP2 (x86_64):