Bug in GnuTLS library discovered – allows attackers to bypass SSL trivially – update your GnuTLS now!

What is the GnuTLS bug?

Red Hat has discovered a bug in the GnuTLS (GNU Transport Layer Security) package that may allow attackers to trivially bypass SSL (CVE-2014-0092). RHEL, CentOS, Debian and other popular Linux distributions are susceptible to potential eavesdropping due to this bug.

What version of GnuTLS is affected?

At this point it is known that package version gnutls-2.8.5-10 and below are affected.

How do I update this package?

To update this package, run the following command:

yum update gnutls

The patched version is gnutls-2.8.5-13 (and onwards).

Further Information

For more information, see the official RHEL update message.

Scan to Donate Bitcoin
Like this? Donate Bitcoin to at:
Bitcoin 14M4a7UHEX61VoHkyjj4dxbUBNGGz3hmhM
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the creator of CentOS Blog. Please feel free to comment any suggestions, feedback or questions on my posts!