Linux, falla critica GnuTLS

[sabayonino]

Linux, falla critica GnuTLS lascia vulnerabili milioni di sistemi e app

Una falla critica alla GnuTLS Library, una popolare risorsa per la crittografia, lascia spalancate le porte allo spionaggio informatico su sistemi e pacchetti open source molto popolari.

(Continua... Via Downloadblog.it)

[...] Inutile dire che la falla è imbarazzante, specie perché in un ambiente open source è piuttosto anormale che un simile buco passasse inosservato tanto a lungo pur restando sotto agli occhi di tutti.[...]

http://www.gnutls.org/security.html#GNUTLS-SA-2014-2

How to mitigate the attack?

Upgrade to the latest GnuTLS version (3.2.12 or 3.1.22), or apply the patch for GnuTLS 2.12.x.

https://bugs.gentoo.org/show_bug.cgi?id=503394

http://packages.gentoo.org/package/net-libs/gnutls

[winrar]

I definitely do not speak Italian, but...

I did all the work already!

I really didn't do any work, kudos to Nikos Mavrogiannopoulos for finding his own bug and submitting patches so that guys like me can come along and steal his credit

[sabayonino]

I definitely do not speak Italian, but...

I did all the work already!

I really didn't do any work, kudos to Nikos Mavrogiannopoulos for finding his own bug and submitting patches so that guys like me can come along and steal his credit

tnx , gnutls is already pached in sabayonlinux.org repository https://packages.sabayon.org/show/gnutl ... 5,standard

net-libs/gnutls-2.12.23-r4 is already patched

see https://packages.sabayon.org/show/gnutl ... -show-what