gnutls -- double free in certificate DN decoding

2015-07-20T00:00:00
ID EC6A2A1E-429D-11E5-9DAA-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2015-08-18T00:00:00

Description

gnutls.org reports:

Kurt Roeckx reported that decoding a specific certificate with very long DistinguishedName (DN) entries leads to a double free, which may result in a denial of service. Since the DN decoding occurs in almost all applications using certificates, it is recommended to upgrade to the latest GnuTLS version fixing the issue. Recommendation: Upgrade to GnuTLS 3.4.4, or 3.3.17.