Important: gnutls (SL5, SL6)

Synopsis: Important: gnutls security update
Advisory ID: SLSA-2013:0883-1
Issue Date: 2013-05-30
CVE Numbers: CVE-2013-2116
—

It was discovered that the fix for the CVE-2013-1619 issue released via
SLSA-2013:0588 introduced a regression in the way GnuTLS decrypted TLS/SSL
encrypted records when CBC-mode cipher suites were used. A remote attacker
could possibly use this flaw to crash a server or client application that
uses GnuTLS. (CVE-2013-2116)

For the update to take effect, all applications linked to the GnuTLS
library must be restarted.
—

SL5
x86_64
gnutls-devel-1.4.1-10.el5_9.2.x86_64.rpm
gnutls-utils-1.4.1-10.el5_9.2.x86_64.rpm
gnutls-1.4.1-10.el5_9.2.i386.rpm
gnutls-devel-1.4.1-10.el5_9.2.i386.rpm
gnutls-1.4.1-10.el5_9.2.x86_64.rpm
gnutls-debuginfo-1.4.1-10.el5_9.2.i386.rpm
gnutls-debuginfo-1.4.1-10.el5_9.2.x86_64.rpm
i386
gnutls-utils-1.4.1-10.el5_9.2.i386.rpm
gnutls-1.4.1-10.el5_9.2.i386.rpm
gnutls-devel-1.4.1-10.el5_9.2.i386.rpm
gnutls-debuginfo-1.4.1-10.el5_9.2.i386.rpm
srpm
gnutls-1.4.1-10.el5_9.2.src.rpm
noarch
gnutls-debuginfo-1.4.1-10.el5_9.2.i386.rpm
gnutls-debuginfo-1.4.1-10.el5_9.2.x86_64.rpm
SL6
x86_64
gnutls-devel-2.8.5-10.el6_4.2.x86_64.rpm
gnutls-2.8.5-10.el6_4.2.i686.rpm
gnutls-guile-2.8.5-10.el6_4.2.i686.rpm
gnutls-utils-2.8.5-10.el6_4.2.x86_64.rpm
gnutls-devel-2.8.5-10.el6_4.2.i686.rpm
gnutls-guile-2.8.5-10.el6_4.2.x86_64.rpm
gnutls-2.8.5-10.el6_4.2.x86_64.rpm
gnutls-debuginfo-2.8.5-10.el6_4.2.i686.rpm
gnutls-debuginfo-2.8.5-10.el6_4.2.x86_64.rpm
srpm
gnutls-2.8.5-10.el6_4.2.src.rpm
i386
gnutls-2.8.5-10.el6_4.2.i686.rpm
gnutls-guile-2.8.5-10.el6_4.2.i686.rpm
gnutls-devel-2.8.5-10.el6_4.2.i686.rpm
gnutls-utils-2.8.5-10.el6_4.2.i686.rpm
gnutls-debuginfo-2.8.5-10.el6_4.2.i686.rpm
noarch
gnutls-debuginfo-2.8.5-10.el6_4.2.x86_64.rpm
gnutls-debuginfo-2.8.5-10.el6_4.2.i686.rpm

– Scientific Linux Development Team