| Errata ID | 331 |
|---|---|
| Date | 2015-09-24 |
| Source package | gnutls26 |
| Fixed in version | 2.12.20-8.29.201509111022 |
| Description | Multiple security vulnerabilities have been fixed in gnutls26: * A certificate algorithm consistency checking issue (CVE-2015-0294). * GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors (CVE-2015-0282). |
| Additional notes | |
| CVE ID | CVE-2015-0294 CVE-2015-0282 |
| UCS Bug number | #38067 |
