USN-4491-1: GnuTLS vulnerability

09 September 2020

GnuTLS could be made to crash or run programs if it received specially crafted network traffic.

Releases

Packages

Details

It was discovered that GnuTLS incorrectly handled certain alerts when being
used with TLS 1.3 servers. A remote attacker could use this issue to cause
GnuTLS to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04

In general, a standard system update will make all the necessary changes.

References