Evaluator Solution

Per: http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230 "Please note that the problem was solved for GnuTLS 1.2.1, released on 2005-04-04. Also, 32-bit platforms are not affected. I have added information about this on http://www.gnu.org/software/gnutls/security.html so that it contains the complete list of known security flaws. I'm using the keyword GNUTLS-SA-2010-1 for this."

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html

http://secunia.com/advisories/39127

http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230

http://www.mandriva.com/security/advisories?name=MDVSA-2010:089

http://www.redhat.com/support/errata/RHSA-2010-0167.html

http://www.securityfocus.com/bid/38959

http://www.vupen.com/english/advisories/2010/0713

http://www.vupen.com/english/advisories/2010/1054

https://bugzilla.redhat.com/show_bug.cgi?id=573028

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9759

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9759 [No Types Assigned]

http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9759 [No Types Assigned]