It was found that gnutls, did not perform date/time check on CA certificates. Applications compiled against gnutls, will continue to assume that a certificate is valid, even though the CA certificate, (which signed this certificate) has expired. This issue was fixed in gnutls-2.9.10 via the following commit: https://gitorious.org/gnutls/gnutls/commit/897cbce62c0263a498088ac3e465aa5f05f8719c
Statement: This issue did not affect the version of gnutls package as shipped with Red Hat Enterprise Linux 7. This issue affects the version of gnutls as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Acknowledgements: This issue was discovered by Marcel Kolaja of Red Hat.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2015:1457 https://rhn.redhat.com/errata/RHSA-2015-1457.html