Bug 1209365

Summary: fix two-byte buffer overflow in DTLS 0.9
Product: Red Hat Enterprise Linux 7 Reporter: Nikos Mavrogiannopoulos <nmavrogi>
Component: gnutlsAssignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED ERRATA QA Contact: Stanislav Zidek <szidek>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: pvrabec, tmraz
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: gnutls-3.3.22-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-04 00:58:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nikos Mavrogiannopoulos 2015-04-07 08:10:00 UTC 
Description of problem:
There is a two-byte buffer overflow in the handling of the CISCO DTLS protocol (DTLS 0.9) of gnutls. This protocol isn't enabled by default but is used by the CISCO DTLS compatible applications, openconnect and ocserv in EPEL7.

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8077
Comment 11 errata-xmlrpc 2016-11-04 00:58:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2218.html