Msrc Cbl2 Gnutls 3.7.11-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-28835 [MEDIUM] CWE-248 Gnutls: potential crash during chain building/verification Gnutls: potential crash during chain building/verification FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with

CVE-2024-28834 [MEDIUM] CWE-327 Gnutls: vulnerable to minerva side-channel information leak Gnutls: vulnerable to minerva side-channel information leak FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries wi

CVE-2024-0567 [HIGH] CWE-347 Gnutls: rejects certificate chain with distributed trust Gnutls: rejects certificate chain with distributed trust FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which

CVE-2024-0553 [HIGH] CWE-203 Gnutls: incomplete fix for cve-2023-5981 Gnutls: incomplete fix for cve-2023-5981 FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsof

CVE-2023-5981 [MEDIUM] CWE-203 Gnutls: timing side-channel in the rsa-psk authentication Gnutls: timing side-channel in the rsa-psk authentication FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with wh