SUSE-SU-2017:1838-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2017-7507 CVE-2017-7869

Published: 11 Jul 2017, 15:56

Last modified:04 Feb 2026, 04:31

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

11 Jul 2017, 15:56

Published

Vulnerability first disclosed

04 Feb 2026, 04:31

Last Modified

Vulnerability information updated

Description

Security update for gnutls This update for gnutls fixes the following issues: - GNUTLS-SA-2017-4 / CVE-2017-7507: Fix crash in status response TLS extension decoding (bsc#1043398) - GNUTLS-SA-2017-3 / CVE-2017-7869: Fix out-of-bounds write in OpenPGP certificate decoding (bsc#1034173) - Address read of 4 bytes past the end of buffer in OpenPGP certificate parsing (bsc#1038337)

Affected Systems

suse•gnutls&distro=SUSE Linux Enterprise Desktop 12 SP2
< 3.2.15-18.3.1
suse•gnutls&distro=SUSE Linux Enterprise Server 12 SP2
< 3.2.15-18.3.1
suse•gnutls&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
< 3.2.15-18.3.1
suse•gnutls&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 3.2.15-18.3.1
suse•gnutls&distro=SUSE Linux Enterprise Software Development Kit 12 SP2
< 3.2.15-18.3.1

SUSE-SU-2017:1838-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (6)