# GnuTLS vulnerable to validation check bypass



## SirDice (Mar 7, 2014)

I haven't seen a lot of press about this. Apple's "goto-bug" got a lot more. But it appears that GnuTLS made some similar mistakes. There are quite a number of ports that depend on GnuTLS so you may want to check your systems. The current versions in the ports tree should be fixed now. 

http://www.gnutls.org/security.html#GNUTLS-SA-2014-2
http://www.vuxml.org/freebsd/f645aa90-a ... 69bc2.html
http://arstechnica.com/security/2014/03 ... sdropping/


----------



## kpa (Mar 7, 2014)

There were some updates just recently to fix the vulnerabilities, security/gnutls:

http://svnweb.freebsd.org/ports?view=revision&revision=347078

And for security/gnutls3:

http://svnweb.freebsd.org/ports?view=revision&revision=347083


----------



## fonz (Mar 7, 2014)

SirDice said:
			
		

> There are quite a number of ports that depend on GnuTLS so you may want to check your systems.


According to Freshports, security/gnutls3 is only required by multimedia/vlc, but security/gnutls (2) is required by some 70-odd ports and I suspect there might be more where GnuTLS is a selectable option.


----------

