* SECURITY UPDATE: use after free issue in key_share extension
- debian/patches/CVE-2021-20231.patch: avoid use-after-free around
realloc in lib/ext/key_share.c.
- CVE-2021-20231
* SECURITY UPDATE: use after free issue in client_send_params
- debian/patches/CVE-2021-20232.patch: avoid use-after-free around
realloc in lib/ext/pre_shared_key.c.
- CVE-2021-20232
-- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 09:56:04 -0400
This bug was fixed in the package gnutls28 - 3.6.13-2ubuntu1.6
---------------
gnutls28 (3.6.13-2ubuntu1.6) focal-security; urgency=medium
* SECURITY UPDATE: use after free issue in key_share extension patches/ CVE-2021- 20231.patch: avoid use-after-free around key_share. c. patches/ CVE-2021- 20232.patch: avoid use-after-free around pre_shared_ key.c.
- debian/
realloc in lib/ext/
- CVE-2021-20231
* SECURITY UPDATE: use after free issue in client_send_params
- debian/
realloc in lib/ext/
- CVE-2021-20232
-- Marc Deslauriers <email address hidden> Mon, 02 Aug 2021 09:56:04 -0400