SuSE 11.3 Security Update : GnuTLS (SAT Patch Number 10536)
Medium Nessus Plugin ID 82639
The remote SuSE 11 host is missing one or more security updates.
GnuTLS was updated to fix two security issues : - A certificate algorithm consistency checking issue was fixed, where GnuTLS did not check whether the two signature algorithms match on certificate import. This problem is not deemed to be exploitable currently. (CVE-2015-0294) - GNUTLS-SA-2015-1: GnuTLS did not verify the RSA PKCS #1 signature algorithm to match the signature algorithm in the certificate, leading to a potential downgrade to a disallowed algorithm, such as MD5, without detecting it. (CVE-2015-0282)