A vulnerability has been discovered that affects the certificate verification functions of all GnuTLS versions. The vulnerability was discovered during an audit of GnuTLS for Red Hat. A specially crafted certificate could bypass certificate validation checks. The code makes liberal use of strlen and strcat, when it needs to be using counted-length data blobs everywhere. The code is completely unsafe for handling binary data, and yet the nature of TLS processing is almost entirely dependent on secure handling of binary data.
Source: https://www.csoonline.com/article/2136244/first-goto-fail–now-something-gnu.html
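
The strlen/strcat versus counted-length point above, as an added C example that is not taken from the article or from GnuTLS and does not reproduce the GnuTLS flaw. The blob_t type, the helper names and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample fields: 5 data bytes with an embedded 0x00, plus a terminator. */
static const unsigned char FIELD_A[] = { 'a', 'b', 0x00, 'c', 'd', 0x00 };
static const unsigned char FIELD_B[] = { 'a', 'b', 0x00, 'x', 'y', 0x00 };
#define FIELD_LEN 5

/* Hypothetical counted-length blob: the length travels with the bytes. */
typedef struct { unsigned char *data; size_t len; } blob_t;

/* Unsafe: treats binary data as a C string, so it sees only bytes before the first 0x00. */
int cstr_equal(const unsigned char *a, const unsigned char *b) {
    size_t la = strlen((const char *)a), lb = strlen((const char *)b);
    return la == lb && memcmp(a, b, la) == 0;
}

/* Unsafe: strcat stops copying at the first 0x00 and never checks the destination size. */
size_t cstr_concat_len(const unsigned char *a, const unsigned char *b) {
    char out[64] = "";
    strcat(out, (const char *)a);
    strcat(out, (const char *)b);
    return strlen(out);
}

/* Counted: lengths must match and every byte, including 0x00, is compared. */
int blob_equal(const blob_t *a, const blob_t *b) {
    return a->len == b->len && (a->len == 0 || memcmp(a->data, b->data, a->len) == 0);
}

/* Counted append with overflow and allocation checks; returns 0 on success, -1 on failure. */
int blob_append(blob_t *dst, const unsigned char *src, size_t n) {
    if (n > SIZE_MAX - dst->len) return -1;
    if (n == 0) return 0;
    unsigned char *p = realloc(dst->data, dst->len + n);
    if (!p) return -1;
    memcpy(p + dst->len, src, n);
    dst->data = p;
    dst->len += n;
    return 0;
}

int main(void) {
    blob_t a = { (unsigned char *)FIELD_A, FIELD_LEN }, b = { (unsigned char *)FIELD_B, FIELD_LEN };
    printf("cstr_equal=%d blob_equal=%d\n", cstr_equal(FIELD_A, FIELD_B), blob_equal(&a, &b));
    return 0;
}
```

The two fields differ after the embedded zero byte, yet the string-based comparison reports them equal and the string-based concatenation keeps only 4 of the 10 data bytes.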

