USN-1752-1: GnuTLS vulnerability
27 February 2013
GnuTLS could be made to expose sensitive information over the network.
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used
in GnuTLS was vulnerable to a timing side-channel attack known as the
"Lucky Thirteen" issue. A remote attacker could use this issue to perform
plaintext-recovery attacks via analysis of timing data.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.