Scientific Linux Security Update : gnutls on SL7.x x86_64
Medium Nessus Plugin ID 119184
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844)
- gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845)
- gnutls: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery (CVE-2018-10846)
SolutionUpdate the affected packages.