USN-2821-1: GnuTLS vulnerability
30 November 2015
GnuTLS could be made to expose sensitive information over the network.
- gnutls26 - GNU TLS library
It was discovered that GnuTLS incorrectly validated the first byte of
padding in CBC modes. A remote attacker could possibly use this issue to
perform a padding oracle attack.