Vulnerability CVE-2024-28835: Information
Description
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Published: March 21, 2024
Modified: Nov. 22, 2024
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| gnutls30 | sisyphus | 3.8.4-alt1 | 3.8.9-alt1 | ALT-PU-2024-4634-2 | 343729 | Fixed |
| gnutls30 | sisyphus_e2k | 3.8.4-alt1 | 3.8.9-alt1 | ALT-PU-2024-4708-1 | - | Fixed |
| gnutls30 | sisyphus_riscv64 | 3.8.4-alt1 | 3.8.4-alt1 | ALT-PU-2024-4796-1 | - | Fixed |
| gnutls30 | sisyphus_loongarch64 | 3.8.4-alt1 | 3.8.9-alt1 | ALT-PU-2024-4720-1 | - | Fixed |
| gnutls30 | p10 | 3.6.16-alt5 | 3.6.16-alt7 | ALT-PU-2024-4754-3 | 343952 | Fixed |
| gnutls30 | p10_e2k | 3.6.16-alt5 | 3.6.16-alt7 | ALT-PU-2024-6414-1 | - | Fixed |
| gnutls30 | p9 | 3.6.16-alt5 | 3.6.16-alt7 | ALT-PU-2024-4913-2 | 343958 | Fixed |
| gnutls30 | p9_e2k | 3.6.16-alt6 | 3.6.16-alt6 | ALT-PU-2024-9827-1 | - | Fixed |
| gnutls30 | c10f2 | 3.6.16-alt5 | 3.6.16-alt7 | ALT-PU-2024-4955-3 | 344201 | Fixed |
| gnutls30 | c9f2 | 3.6.16-alt5 | 3.6.16-alt5 | ALT-PU-2024-4977-3 | 344277 | Fixed |
| gnutls30 | p11 | 3.8.4-alt1 | 3.8.9-alt1 | ALT-PU-2024-4634-2 | 343729 | Fixed |