mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-02 18:32:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
63d05fc061006bf1a88630d6d91cdc76ea33fbf2
poky/meta/recipes-support/gnutls
History
Vijay Anusuri 574b303503 gnutls: Backport fix for CVE-2024-0553 
CVE-2024-0553
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

Upstream-Status: Backport [40dbbd8de4]

(From OE-Core rev: a07cc0b6fa4a485f318fd2957e434b63f5907d7e)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-01-31 03:51:10 -10:00
..
gnutls
gnutls: Backport fix for CVE-2024-0553
2024-01-31 03:51:10 -10:00
libtasn1
libtasn1: fix CVE-2021-46848 off-by-one in asn1_encode_simple_der
2022-12-07 15:06:36 +00:00
gnutls_3.6.14.bb
gnutls: Backport fix for CVE-2024-0553
2024-01-31 03:51:10 -10:00
libtasn1_4.16.0.bb
libtasn1: fix CVE-2021-46848 off-by-one in asn1_encode_simple_der
2022-12-07 15:06:36 +00:00