GnuTLS Vulnerability Plugged in All Supported Ubuntu OSes

A standard system update will repair this small issue

By Silviu Stahie on February 27th, 2013 20:11 GMT

On February 27, Canonical published in a security notice details about a GnuTLS vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems.

According to Canonical, GnuTLS could be made to expose sensitive information over the network.

Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.

The security flaws can be fixed if you upgrade your system(s) to the latest libgnutls package, specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.
Ubuntu 12.04.2 LTS desktop
   Ubuntu 12.04.2 LTS desktop
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments