|Category:||SuSE Local Security Checks|
|Title:||openSUSE: Security Advisory for gnutls (openSUSE-SU-2020:1743-1)|
|Summary:||The remote host is missing an update for the 'gnutls'; package(s) announced via the openSUSE-SU-2020:1743-1 advisory.|
The remote host is missing an update for the 'gnutls'
package(s) announced via the openSUSE-SU-2020:1743-1 advisory.
This update for gnutls fixes the following issues:
- Fix heap buffer overflow in handshake with no_renegotiation alert sent
- FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086)
- FIPS: Use 2048 bit prime in DH selftest (bsc#1176086)
- FIPS: Add TLS KDF selftest (bsc#1176671)
This update was imported from the SUSE:SLE-15:Update update project.
To install this openSUSE Security Update use the SUSE recommended
like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1743=1
'gnutls' package(s) on openSUSE Leap 15.2.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-24659|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.