An update that solves two vulnerabilities and has one errata is now available.
Description:
The GNUTLS library received a critical security fix and other updates:
* CVE-2014-0092: The X.509 certificate verification had incorrect error handling, which could lead to broken certificates marked as being valid. * CVE-2009-5138: A verification problem in handling V1 certificates could also lead to V1 certificates incorrectly being handled.
Additionally, a memory leak in PSK authentication was fixed. (bnc#835760)