USN-948-1: GnuTLS vulnerability
03 June 2010
Under certain circumstances, an attacker might be able to crash GnuTLS.
- gnutls12 - the GNU TLS library
It was discovered that GnuTLS did not always properly verify the hash
algorithm of X.509 certificates. If an application linked against GnuTLS
processed a crafted certificate, an attacker could make GnuTLS dereference
a NULL pointer and cause a DoS via application crash.