It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. (CVE-2014-8155)
Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could possibly use this issue to downgrade to a disallowed algorithm. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-0282)
It was discovered that GnuTLS incorrectly verified certificate algorithms. A remote attacker could possibly use this issue to downgrade to a disallowed algorithm. (CVE-2015-0294)
{ "availability": "No subscription required", "binaries": [ { "gnutls26-doc": "2.12.23-12ubuntu2.2", "libgnutls26-dbg": "2.12.23-12ubuntu2.2", "libgnutlsxx27": "2.12.23-12ubuntu2.2", "libgnutls26": "2.12.23-12ubuntu2.2", "gnutls-bin": "3.0.11+really2.12.23-12ubuntu2.2", "libgnutls-openssl27": "2.12.23-12ubuntu2.2", "libgnutls-dev": "2.12.23-12ubuntu2.2" } ] }