I'm not planning to provide a running mirror of all updates to the Slackware changelog, but this one is pretty important. GnuTLS is a secure communications library implementing the
SSL, TLS and DTLS protocols and technologies around them. It provides a programming interface to access secure protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP (are you encrypting your emails yet?) and other required structures. In other words, it's crucial for communicating privately and securely.
Here's the
announcement from the changelog:
This update prevents a side-channel attack which may allow remote attackers
to conduct distinguishing attacks and plaintext recovery attacks using
statistical analysis of timing data for crafted packets.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1619
(* Security fix *)
0 comments:
Post a Comment