Nixpkgs Security Tracker

Untriaged

Permalink CVE-2024-0567

created 4 months, 3 weeks ago

Gnutls: rejects certificate chain with distributed trust

A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

Affected products

GnuTLS

==3.8.3

gnutls

*
<3.8.3

cockpit

odf4/cephcsi-rhel9

odf4/odf-cli-rhel9

odf4/mcg-core-rhel9

odf4/odf-console-rhel9

odf4/mcg-rhel9-operator

odf4/ocs-rhel9-operator

odf4/odf-rhel9-operator

odf4/odr-rhel9-operator

odf4/mcg-operator-bundle

odf4/ocs-operator-bundle

odf4/odf-operator-bundle

odf4/odf-must-gather-rhel9

odf4/odf-cosi-sidecar-rhel9

odf4/odr-hub-operator-bundle

odf4/ocs-client-console-rhel9

odf4/rook-ceph-rhel9-operator

odf4/ocs-client-rhel9-operator

openshift-logging/vector-rhel9

odf4/ocs-client-operator-bundle

odf4/ocs-metrics-exporter-rhel9

openshift-logging/fluentd-rhel9

odf4/odr-cluster-operator-bundle

odf4/odf-csi-addons-sidecar-rhel9

odf4/odf-csi-addons-rhel9-operator

odf4/odf-csi-addons-operator-bundle

odf4/odf-multicluster-console-rhel9

openshift-logging/eventrouter-rhel9

odf4/odf-multicluster-rhel9-operator

openshift-logging/logging-loki-rhel9

odf4/odf-multicluster-operator-bundle

openshift-logging/loki-rhel9-operator

openshift-logging/opa-openshift-rhel9

openshift-logging/elasticsearch6-rhel9

openshift-logging/loki-operator-bundle

openshift-logging/logging-curator5-rhel9

openshift-logging/lokistack-gateway-rhel9

openshift-logging/elasticsearch-proxy-rhel9

openshift-logging/logging-view-plugin-rhel9

openshift-logging/elasticsearch-rhel9-operator

openshift-logging/elasticsearch-operator-bundle

openshift-logging/cluster-logging-rhel9-operator

openshift-logging/log-file-metric-exporter-rhel9

openshift-logging/cluster-logging-operator-bundle

Matching in nixpkgs

pkgs.gnutls

GNU Transport Layer Security Library

nixos-unstable -
- nixpkgs-unstable 3.8.10

pkgs.cockpit

Web-based graphical interface for servers

nixos-unstable -
- nixpkgs-unstable 346

pkgs.guile-gnutls

Guile bindings for GnuTLS library

nixos-unstable -
- nixpkgs-unstable 5.0.1

pkgs.python312Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable -
- nixpkgs-unstable python3-gnutls-3.1.10

pkgs.python313Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable -
- nixpkgs-unstable python3-gnutls-3.1.10

Package maintainers

@lucasew Lucas Eduardo Wendt <lucas59356@gmail.com>
@vcunat Vladimír Čunát <v@cunat.cz>
@foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
@charlieshanley Charlie Hanley <charlieshanley@gmail.com>

Untriaged

(browse all)

Permalink CVE-2023-5981

created 4 months, 3 weeks ago

Gnutls: timing side-channel in the rsa-psk authentication

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Affected products

GnuTLS

==3.8.2

gnutls

mingw-gnutls

odf4/cephcsi-rhel9

odf4/odf-cli-rhel9

odf4/mcg-core-rhel9

odf4/odf-console-rhel9

odf4/mcg-rhel9-operator

odf4/ocs-rhel9-operator

odf4/odf-rhel9-operator

odf4/odr-rhel9-operator

odf4/mcg-operator-bundle

odf4/ocs-operator-bundle

odf4/odf-operator-bundle

odf4/odf-must-gather-rhel9

odf4/odf-cosi-sidecar-rhel9

odf4/odr-hub-operator-bundle

odf4/ocs-client-console-rhel9

odf4/rook-ceph-rhel9-operator

odf4/ocs-client-rhel9-operator

openshift-logging/vector-rhel9

odf4/ocs-client-operator-bundle

odf4/ocs-metrics-exporter-rhel9

openshift-logging/fluentd-rhel9

odf4/odr-cluster-operator-bundle

odf4/odf-csi-addons-sidecar-rhel9

odf4/odf-csi-addons-rhel9-operator

odf4/odf-csi-addons-operator-bundle

odf4/odf-multicluster-console-rhel9

openshift-logging/eventrouter-rhel9

odf4/odf-multicluster-rhel9-operator

openshift-logging/logging-loki-rhel9

odf4/odf-multicluster-operator-bundle

openshift-logging/loki-rhel9-operator

openshift-logging/opa-openshift-rhel9

openshift-logging/elasticsearch6-rhel9

openshift-logging/loki-operator-bundle

openshift-logging/logging-curator5-rhel9

openshift-logging/lokistack-gateway-rhel9

openshift-logging/elasticsearch-proxy-rhel9

openshift-logging/logging-view-plugin-rhel9

openshift-logging/elasticsearch-rhel9-operator

openshift-logging/elasticsearch-operator-bundle

openshift-logging/cluster-logging-rhel9-operator

openshift-logging/log-file-metric-exporter-rhel9

openshift-logging/cluster-logging-operator-bundle

Matching in nixpkgs

pkgs.gnutls

GNU Transport Layer Security Library

nixos-unstable -
- nixpkgs-unstable 3.8.10

pkgs.guile-gnutls

Guile bindings for GnuTLS library

nixos-unstable -
- nixpkgs-unstable 5.0.1

pkgs.python312Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable -
- nixpkgs-unstable python3-gnutls-3.1.10

pkgs.python313Packages.python3-gnutls

Python wrapper for the GnuTLS library

nixos-unstable -
- nixpkgs-unstable python3-gnutls-3.1.10

Package maintainers

@vcunat Vladimír Čunát <v@cunat.cz>
@foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
@charlieshanley Charlie Hanley <charlieshanley@gmail.com>

Suggestions search

Affected products

Matching in nixpkgs

pkgs.gnutls

pkgs.cockpit

pkgs.guile-gnutls

pkgs.python312Packages.python3-gnutls

pkgs.python313Packages.python3-gnutls

Package maintainers

Affected products

Matching in nixpkgs

pkgs.gnutls

pkgs.guile-gnutls

pkgs.python312Packages.python3-gnutls

pkgs.python313Packages.python3-gnutls

Package maintainers