Back to bug 2044156

Who	When	What	Removed	Added
Dhananjay Arunesh	2022-01-24 07:04:17 UTC	CC		security-response-team
Dhananjay Arunesh	2022-01-24 07:04:52 UTC	Blocks		2044141
Mauro Matteo Cascella	2022-02-16 19:07:11 UTC	CC		bdettelb, dhalasz, dkuc, fjansen, jwong, micjohns, sthirugn, tcarlin, tkasparek, vkrizan, vkumar, vmugicag
		CC		jnakfour
		Depends On		2048765
		Summary	EMBARGOED CVE-2021-4209 GnuTLS: Null pointer dereference in MD_UPDATE	CVE-2021-4209 GnuTLS: Null pointer dereference in MD_UPDATE
		Group	security, qe_staff
		Fixed In Version		gnutls 3.7.3
		CC		ansasaki, cfergeau, crypto-team, elima, erik-fedora, marcandre.lureau, mike, rh-spice-bugs, rjones, tm
Mauro Matteo Cascella	2022-02-16 19:18:08 UTC	Priority	medium	low
		Severity	medium	low
Mauro Matteo Cascella	2022-02-16 19:19:36 UTC	Depends On		2055369, 2055368
Mauro Matteo Cascella	2022-02-16 19:28:48 UTC	Depends On		2055375, 2055376, 2055374
Red Hat Bugzilla	2022-02-22 06:37:13 UTC	CC	jnakfour
Mauro Matteo Cascella	2022-03-07 14:48:33 UTC	Doc Text		A NULL pointer dereference issue was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. In rare circumstances, this flaw might lead to a denial of service after authentication.
RaTasha Tillery-Smith	2022-03-08 14:08:52 UTC	Doc Text	A NULL pointer dereference issue was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. In rare circumstances, this flaw might lead to a denial of service after authentication.	A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
Red Hat Bugzilla	2023-02-01 08:27:34 UTC	CC	tkasparek
Red Hat Bugzilla	2023-07-07 08:30:33 UTC	CC	security-response-team
		Assignee	security-response-team	nobody

Back to bug 2044156