GnuTLS Vulnerability Fixed in All Supported Ubuntu OSes

All of Canonical's operating systems have been affected by this problem

On May 29, Canonical published in a security notice details about a GnuTLS vulnerability for its Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

According to Canonical, GnuTLS could have been made to crash if it received specially crafted network traffic.

It was discovered that GnuTLS incorrectly handled certain padding bytes. A remote attacker could have used this flaw to cause an application, using GnuTLS, to crash, and thus leading to a denial of service.

The security flaws can be fixed if you upgrade your system(s) to the latest libgnutls26 package, specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.

Hot right now  ·  Latest news