The following flaw was reported in GnuTLS: Setuid programs using GnuTLS 3.4.12 could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 and fixed in GnuTLS 3.4.13. Relevant upstream commits: https://gitlab.com/gnutls/gnutls/compare/fb2a6baef79f4aadfd95e657fe5a18da20a1410e...86076c9b17b9a32b348cafb8b724f57f7da64d58 External References: http://gnutls.org/security.html#GNUTLS-SA-2016-1
Created mingw-gnutls tracking bugs for this issue: Affects: fedora-all [bug 1343344]
Created gnutls tracking bugs for this issue: Affects: fedora-all [bug 1343343]
CVE request: http://seclists.org/oss-sec/2016/q2/487
*** This bug has been marked as a duplicate of bug 1343505 ***