Re: gnutls security breach

To: debian-user@lists.debian.org
Subject: Re: gnutls security breach
From: Florian Ernst <florian_ernst@gmx.net>
Date: Wed, 5 Mar 2014 09:26:07 +0100
Message-id: <[🔎] 20140305082607.GA19614@fernst.no-ip.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 5316DC13.3040900@gmail.com>
References: <[🔎] 5316DC13.3040900@gmail.com>

Hello all,

On Wed, Mar 05, 2014 at 03:10:59AM -0500, Ric Moore wrote:
> Anyone see this?
> http://arstechnica.com/security/2014/03/critical-crypto-bug-leaves-linux-hundreds-of-apps-open-to-eavesdropping/
> 
> Good thing Red Hat caught it:
> https://rhn.redhat.com/errata/RHSA-2014-0246.html

For Debian, see <https://security-tracker.debian.org/tracker/CVE-2014-0092>.

> Yeow! I just did update / upgrade to Jessy, but didn't see the
> security fix come through yet. Ric

Debian released a security advisory on the same day, cf.
<https://www.debian.org/security/2014/dsa-2869>. The update for Jessie,
which still is the current "testing" release and as such doesn't
necessarily receive timely updates, is pending (currently blocked by not
being built on all architectures).

Cheers,
Flo

Reply to:

References:
- gnutls security breach
  - From: Ric Moore <wayward4now@gmail.com>

Prev by Date: Re: Here's how to make yourself happier OT in re systemd
Next by Date: Re: gnutls security breach
Previous by thread: gnutls security breach
Next by thread: Re: gnutls security breach
Index(es):
- Date
- Thread