Published on Wednesday, 05 March 2014 10:16
[ Summary ]
A vulnerability was discovered that affects the certificate verification functions of all GnuTLS versions. A specially crafted certificate could bypass certificate validation checks. The vulnerability was discovered during an audit of GnuTLS for Red Hat.
[ Affected Software ]
- All software using certificate authentication in earlier versions of GnuTLS.
[ Call to Action ]
Patch versions of GnuTLS are available (3.2.12 or 3.1.22). or apply the patch for GnuTLS 2.12.x.
[ Reference ]