Bug#988508: buster-pu: package gnutls28/3.6.7-4+deb10u7
Control: tags -1 + confirmed
On Fri, 2021-05-14 at 14:08 +0200, Andreas Metzler wrote:
> I would like to fix three minor security issues (non-DSA) in stable.
> * 46_handshake-reject-no_renegotiation-alert-if-handshake.patch pulled from 3.6.15:
> It was found by oss-fuzz that the server sending a "no_renegotiation" alert
> in an unexpected timing, followed by an invalid second handshake can cause a
> TLS 1.3 client to crash via a null-pointer dereference. The crash happens in
> the application's error handling path, where the gnutls_deinit function is
> called after detecting a handshake failure.
> GNUTLS-SA-2020-09-04 CVE-2020-24659 Closes: #969547
> * Pull multiple fixes designated for 3.6.15 bugfix release:
> + 47_rel3.6.16_01-gnutls_buffer_append_data-remove-duplicated-code.patch
> + 47_rel3.6.16_02-_gnutls_buffer_resize-add-option-to-use-allocation-s.patch
> + 47_rel3.6.16_03-key_share-avoid-use-after-free-around-realloc.patch (CVE-2021-20231)
> and 47_rel3.6.16_04-pre_shared_key-avoid-use-after-free-around-realloc.patch (CVE-2021-20232),
> both together GNUTLS-SA-2021-03-10.
> + 47_rel3.6.16_05-_gnutls_buffer_resize-account-for-unused-area-if-AGG.patch
> + 47_rel3.6.16_06-str-suppress-Wunused-function-if-AGGRESSIVE_REALLOC-.patch
>
Please go ahead.
Regards,
Adam
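The two CVE patches above are named after a single bug class, "use-after-free around realloc": a growable buffer is resized while some code still holds a raw pointer into the old backing store. The following is an added illustration of that class and its standard remedy, not gnutls code and not the patches themselves; the `gbuf` type, its functions and the 300-byte sample body are constructed for this example, and the "unsafe" function is included only for contrast and is never called.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Small growable byte buffer, constructed for this example (not
 * gnutls_buffer_st). It reproduces the one property that matters:
 * appending may realloc() and therefore move the backing store. */
typedef struct {
    uint8_t *data;
    size_t len;
    size_t cap;
} gbuf;

int gbuf_init(gbuf *b, size_t cap)
{
    if (cap == 0)
        cap = 1;
    b->data = malloc(cap);
    if (b->data == NULL)
        return -1;
    b->len = 0;
    b->cap = cap;
    return 0;
}

void gbuf_free(gbuf *b)
{
    free(b->data);
    b->data = NULL;
    b->len = b->cap = 0;
}

/* Append n bytes, doubling capacity as needed. Once this returns, every
 * pointer computed from the previous b->data must be treated as dangling. */
int gbuf_append(gbuf *b, const void *src, size_t n)
{
    if (n > b->cap - b->len) {
        size_t ncap = b->cap;
        while (ncap - b->len < n) {
            if (ncap > SIZE_MAX / 2)
                return -1;
            ncap *= 2;
        }
        uint8_t *nd = realloc(b->data, ncap);
        if (nd == NULL)
            return -1;
        b->data = nd;
        b->cap = ncap;
    }
    memcpy(b->data + b->len, src, n);
    b->len += n;
    return 0;
}

/* Bug pattern (shown for contrast, never called): reserve a 2-byte length
 * field, keep a raw pointer to it, append the body, then patch the length
 * through the saved pointer. If gbuf_append() relocated the buffer, lenp
 * points into freed memory and the final stores are a use-after-free. */
int write_len_prefixed_unsafe(gbuf *b, const uint8_t *body, size_t n)
{
    static const uint8_t zero[2] = {0, 0};
    if (n > 0xffff || gbuf_append(b, zero, 2) < 0)
        return -1;
    uint8_t *lenp = b->data + b->len - 2;   /* raw pointer into the buffer */
    if (gbuf_append(b, body, n) < 0)        /* may realloc() and move data */
        return -1;
    lenp[0] = (uint8_t)(n >> 8);            /* stale if the buffer moved */
    lenp[1] = (uint8_t)(n & 0xff);
    return 0;
}

/* Fixed pattern: remember the offset, not the pointer, and re-derive the
 * address from the current b->data after every append. */
int write_len_prefixed(gbuf *b, const uint8_t *body, size_t n)
{
    static const uint8_t zero[2] = {0, 0};
    if (n > 0xffff || gbuf_append(b, zero, 2) < 0)
        return -1;
    size_t lenpos = b->len - 2;             /* an offset survives realloc() */
    if (gbuf_append(b, body, n) < 0)
        return -1;
    b->data[lenpos] = (uint8_t)(n >> 8);
    b->data[lenpos + 1] = (uint8_t)(n & 0xff);
    return 0;
}

/* Encode a constructed 300-byte body into a buffer that starts with only
 * 4 bytes of capacity, so the append is guaranteed to grow it. Returns the
 * length field read back from the final buffer (expected 300) when the
 * total length is exactly 2 + 300, or -1 on any failure. */
int demo_encode(void)
{
    gbuf b;
    uint8_t body[300];
    int result = -1;
    memset(body, 0xab, sizeof body);
    if (gbuf_init(&b, 4) < 0)
        return -1;
    if (write_len_prefixed(&b, body, sizeof body) == 0 && b.len == 302)
        result = (b.data[0] << 8) | b.data[1];
    gbuf_free(&b);
    return result;
}
```

The offset-based form is the one to look for in review: any pointer taken into a resizable buffer must not be held across a call that can grow it, and a checker such as AddressSanitizer will flag the unsafe form at runtime whenever the allocator actually moves the block.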