DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2008-0322

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2008-0322-1

Published: 2008-11-17

Products

rPath Linux 2

Rating

Minor

Exposure Level Classification

Indirect User Deterministic Weakness

Updated Versions

gnutls=conary.rpath.com@rpl:2/2.2.5-1.1-1

rPath Issue Tracking System

RPL-2886

References

CVE-2008-4989

Description

Previous versions of the gnutls package contain a certificate-chain

validation error, making it possible for a man-in-the-middle attacker

to assume an arbitrary name and then trick GNU TLS clients into trusting

that name.

Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0322"

Categories: Support Issue | Advisories