Errata overview
Errata ID 118
Date 2014-06-04
Source package gnutls26
Fixed in version 2.8.6-1.26.201406040738
Joonas Kuorilehto discovered that GNU TLS performed insufficient
validation of session IDs during TLS/SSL handshakes. A malicious
server could use this to execute arbitrary code or perform denial
of service.
Additional notes
CVE ID CVE-2014-3466