| Errata ID | 118 |
|---|---|
| Date | 2014-06-04 |
| Source package | gnutls26 |
| Fixed in version | 2.8.6-1.26.201406040738 |
| Description | Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial of service. |
| Additional notes | |
| CVE ID | CVE-2014-3466 |
