It was found that decoding a specially crafted X.509 certificate with Proxy Certificate Information extension present could lead to a double free. This issue was fixed in GnuTLS 3.3.26 and 3.5.8.
External References:
https://gnutls.org/security.html#GNUTLS-SA-2017-1
Upstream patch:
https://gitlab.com/gnutls/gnutls/commit/c5aaa488a3d6df712dc8dff23a049133cab5ec1b
Created gnutls tracking bugs for this issue:
Affects: fedora-all [bug 1411838]
This was addressed in F25 with https://bodhi.fedoraproject.org/updates/FEDORA-2017-88f1664dd4
Created gnutls30 tracking bugs for this issue:
Affects: epel-6 [bug 1411846]
CVE assignment: http://seclists.org/oss-sec/2017/q1/57
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:2292 https://access.redhat.com/errata/RHSA-2017:2292