je.st
news
Serious flaw in GnuTLS library endangers SSL clients and systems
2014-06-03 14:04:32| InfoWorld: Top News
A serious vulnerability that could be exploited to crash TLS clients and potentially execute malicious code on underlying systems was patched in the popular GnuTLS cryptographic library. The memory corruption vulnerability, which is tracked as CVE-2014-3466, was fixed in GnuTLS 3.3.3, GnuTLS 3.2.15 and GnuTLS 3.1.25 released Friday. Since then, the GnuTLS developers also released GnuTLS 3.3.4 to fix a non-security-related hardware acceleration bug.
Tags: systems
library
clients
ssl
Category:Information Technology