- Vulnerability/
- USN-4384-1
USN-4384-1: GnuTLS vulnerability
First published: Fri Jun 05 2020(Updated: )
It was discovered that GnuTLS incorrectly handled session ticket encryption keys. A remote attacker could possibly use this issue to bypass authentication or recover sensitive information.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libgnutls30 | <3.6.13-2ubuntu1.1 | 3.6.13-2ubuntu1.1 |
| =20.04 | ||
| All of | ||
| ubuntu/libgnutls30 | <3.6.9-5ubuntu1.2 | 3.6.9-5ubuntu1.2 |
| =19.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this GnuTLS vulnerability?
The vulnerability ID for this GnuTLS vulnerability is CVE-2020-13777.
What is the severity of USN-4384-1 GnuTLS vulnerability?
The severity of USN-4384-1 GnuTLS vulnerability is not specified.
How does this GnuTLS vulnerability impact users?
This GnuTLS vulnerability could allow a remote attacker to bypass authentication or recover sensitive information.
Which software versions are affected by this GnuTLS vulnerability?
The following versions of libgnutls30 are affected: 3.6.13-2ubuntu1.1 and 3.6.9-5ubuntu1.2.
How can I fix the USN-4384-1 GnuTLS vulnerability?
To fix the USN-4384-1 GnuTLS vulnerability, update to version 3.6.13-2ubuntu1.1 if on Ubuntu 20.04, or update to version 3.6.9-5ubuntu1.2 if on Ubuntu 19.10.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/20.04
- version/ubuntu ubuntu/19.10