[Bug 1882244] Re: GnuTLS Session Ticket Key Vulnerability

Marc Deslauriers 1882244 at bugs.launchpad.net
Fri Jun 5 14:30:35 UTC 2020 

This issue doesn't affect Ubuntu 16.04 LTS or Ubuntu 18.04 LTS.

** Information type changed from Private Security to Public Security

** Also affects: gnutls28 (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: gnutls28 (Ubuntu Eoan)
   Importance: Undecided
       Status: New

** Also affects: gnutls28 (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: gnutls28 (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: gnutls28 (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Changed in: gnutls28 (Ubuntu Xenial)
       Status: New => Invalid

** Changed in: gnutls28 (Ubuntu Bionic)
       Status: New => Invalid

** Changed in: gnutls28 (Ubuntu Eoan)
       Status: New => In Progress

** Changed in: gnutls28 (Ubuntu Focal)
       Status: New => In Progress

** Changed in: gnutls28 (Ubuntu Groovy)
       Status: New => In Progress

** Changed in: gnutls28 (Ubuntu Eoan)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: gnutls28 (Ubuntu Focal)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: gnutls28 (Ubuntu Groovy)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: gnutls28 (Ubuntu Eoan)
   Importance: Undecided => High

** Changed in: gnutls28 (Ubuntu Focal)
   Importance: Undecided => High

** Changed in: gnutls28 (Ubuntu Groovy)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1882244

Title:
  GnuTLS Session Ticket Key Vulnerability

Status in gnutls28 package in Ubuntu:
  In Progress
Status in gnutls28 source package in Xenial:
  Invalid
Status in gnutls28 source package in Bionic:
  Invalid
Status in gnutls28 source package in Eoan:
  In Progress
Status in gnutls28 source package in Focal:
  In Progress
Status in gnutls28 source package in Groovy:
  In Progress

Bug description:
  Dear Launchpad Team,

  A security vulnerability affects versions 3.x of GnuTLS:

  https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03

  I noticed this problem on Ubuntu 16 and Ubuntu 18 operating systems.
  In particular, on Ubuntu 16 last version of libgnutls30 is 3.4.10, whereas on Ubuntu 18 it is 3.5.18.

  Please provide an update.

  I thank you in advance.

  Kind regards,

  it0001

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1882244/+subscriptions

More information about the foundations-bugs mailing list