Wind River Support Network

HomeDefectsLIN6-6962

Fixed

LIN6-6962 : Security Advisory - gnutls - CVE-2014-1959

Created: Mar 16, 2014 Updated: Dec 3, 2018

Resolved Date: Mar 24, 2014

Found In Version: 6.0.0.5

Fix Version: 6.0.0.5

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1959

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38