Re: gnutls security breach
Hello all,
On Wed, Mar 05, 2014 at 03:10:59AM -0500, Ric Moore wrote:
> Anyone see this?
> http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hundreds-of-apps-open-to-eavesdropping/
>
> Good thing Red Hat caught it:
> https://rhn.redhat.com/errata/RHSA-2014-0246.html
For Debian, see <https://security-tracker.debian.org/tracker/CVE-2014-0092>.
> Yeow! I just did update / upgrade to Jessy, but didn't see the
> security fix come through yet. Ric
Debian released a security advisory on the same day, cf.
<https://www.debian.org/security/2014/dsa-2869>. The update for Jessie,
which still is the current "testing" release and as such doesn't
necessarily receive timely updates, is pending (currently blocked by not
being built on all architectures).
Cheers,
Flo
Reply to: