Vulnerability in all gnuTLS versions released prior to 5/30
A vulnerability has been identified in the several open source TLS libraries that are commonly used on Linux systems. The vulnerability would allow a buffer overflow if exploited. If you run a Ubuntu or RedHat system, please check to see if a patch is available. The TLS versions that are vulnerable include all versions prior to 3.1.25, 3.2.15 and 3.3.4. Updated versions are available from http://www.gnutls.org/download.html . If you have gnuTLS deployed please install the patch for your respective version as soon as possible.
The CVE link from mitre.org is http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
Other sources of information on this condition –
Tags: gnutls vulnerability