CVE-2017-5334
Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.
| Software | From | Fixed in |
|---|---|---|
| opensuse / leap | 42.2 | 42.2.x |
| opensuse / leap | 42.1 | 42.1.x |
| gnu / gnutls | 3.5.5 | 3.5.5.x |
| gnu / gnutls | - | 3.3.25.x |
| gnu / gnutls | 3.5.6 | 3.5.6.x |
| gnu / gnutls | 3.5.4 | 3.5.4.x |
| gnu / gnutls | 3.5.3 | 3.5.3.x |
| gnu / gnutls | 3.5.7 | 3.5.7.x |
| gnu / gnutls | 3.5.2 | 3.5.2.x |
| gnu / gnutls | 3.5.1 | 3.5.1.x |
| gnu / gnutls | 3.5.0 | 3.5.0.x |
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html
- http://www.openwall.com/lists/oss-security/2017/01/10/7
- http://www.openwall.com/lists/oss-security/2017/01/11/4
- http://www.securityfocus.com/bid/95370
- http://www.securitytracker.com/id/1037576
- https://access.redhat.com/errata/RHSA-2017:2292
- https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
- https://gnutls.org/security.html#GNUTLS-SA-2017-1
- https://security.gentoo.org/glsa/201702-04
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime