cve-2016-1000030-00

Summary X.509 Certificates Improperly Imported
Date 2016-06-21
CVE Number CVE-2016-1000030
Discovered By Yuan Kang and Suman Jana from Columbia University and Baishakhi Ray from the University of Virginia
Fixed In Release 2.11.0

Description

X.509 certificates may be improperly imported when using GnuTLS.

Mitigation

Check return values from gnutls_x509_crt_init() and gnutls_x509_crt_import().

Looking to reach us via XMPP? Check out the new PidginChat service!