Bug in GnuTLS discovered on CentOS Linux - Update your GnuTLS pkg now!

Bug in GnuTLS library discovered – allows attackers to bypass SSL trivially – update your GnuTLS now!

Posted by Curtis K in Administration, CentOS 6, News, Security, Security Alerts Mar, 05 2014 1 Comment

What is the GnuTLS bug?

Red Hat has discovered a bug in the GnuTLS (GNU Transport Layer Security) package that may allow attackers to trivially bypass SSL (CVE-2014-0092). RHEL, CentOS, Debian and other popular Linux distributions are susceptible to potential eavesdropping due to this bug.

What version of GnuTLS is affected?

At this point it is known that package version gnutls-2.8.5-10 and below are affected.

How do I update this package?

To update this package, run the following command:

yum update gnutls

The patched version is gnutls-2.8.5-13 (and onwards).

Further Information

For more information, see the official RHEL update message.

Scan to Donate Bitcoin

Like this? Donate Bitcoin to Curtis K at:

Bitcoin

13KzxfEoFPzt5ccoQvSkUEytTgQV8JN5ej

Tags With: CentOS 6 gnutls bug CentOS gnutls CentOS gnutls bug CentOS SSL bug CentOS TLS bug CentOS update gnutls CVE-2014-0092 gnutls bug

About Author: Curtis K

Hi! My name is Curtis, and I am the creator of CentOS Blog. Please feel free to comment any suggestions, feedback or questions on my posts!

Pingback: Does Linux GnuTLS Cryptobug Affect DD-WRT Firmware? » FlashRouters Blog()