CVE-2020-13777

Priority
Description
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a
session ticket (a loss of confidentiality in TLS 1.2, and an authentication
bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24)
because of an error in a 2018-09-18 commit. Until the first key rotation,
the TLS server always uses wrong data in place of an encryption key derived
from an application.
Assigned-to
mdeslaur
Notes
mdeslaurintroduced in 3.6.4
Package
Upstream:released (3.6.14)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):released (3.6.9-5ubuntu1.2)
Ubuntu 20.04 LTS (Focal Fossa):released (3.6.13-2ubuntu1.1)
Ubuntu 20.10 (Groovy Gorilla):released (3.6.13-4ubuntu2)
Patches:
Upstream:https://gitlab.com/gnutls/gnutls/-/commit/c2646aeee94e71cb15c90a3147cf3b5b0ca158ca
Upstream:https://gitlab.com/gnutls/gnutls/-/commit/3d7fae761e65e9d0f16d7247ee8a464d4fe002da
More Information

Updated: 2020-06-18 16:18:20 UTC (commit e68e16a7a826106828db41d67b55bc933c9cfd5f)