Rapid7 Vulnerability & Exploit Database

Ubuntu: USN-2913-4: GnuTLS update

Back to Search

Ubuntu: USN-2913-4: GnuTLS update

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
02/24/2016
Created
07/25/2018
Added
02/24/2016
Modified
08/05/2020

Description

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal.

Original advisory details:

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys.

Solution(s)

  • ubuntu-upgrade-libgnutls26

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;