[gnutls-devel] gnutls-cli 2.x segfault
nmav at gnutls.org
Wed May 29 21:07:16 CEST 2013
On 05/29/2013 07:26 PM, Tomas Hoger wrote:
>> It looks like an out of bounds data access introduced on the fix for
>> the Lucky-13 attack. I've committed the following fix in the
>> repository. No bug-fix release planned though.
> This problem is not limited to clients, servers are affected by this as
> well and can be crashed remotely using this flaw. This issue got
> CVE-2013-2116 assigned.
Thanks. I've added a security advisory as well.
More information about the Gnutls-devel