What is the GnuTLS bug?
Red Hat has discovered a bug in the GnuTLS (GNU Transport Layer Security) package that may allow attackers to trivially bypass SSL (CVE-2014-0092). RHEL, CentOS, Debian and other popular Linux distributions are susceptible to potential eavesdropping due to this bug.
What version of GnuTLS is affected?
At this point it is known that package version gnutls-2.8.5-10 and below are affected.
How do I update this package?
To update this package, run the following command:
yum update gnutls
The patched version is gnutls-2.8.5-13 (and onwards).
Further Information
For more information, see the official RHEL update message.