A method to bypass SSL certificate name vs. host name verification via NUL ('\0') character embedded in X509 certificate's CommonName or subjectAltName was presented at Black Hat USA 2009:
http://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike

This issue was originally reported for Firefox / NSS, but it affects GnuTLS' gnutls_x509_crt_check_hostname() too.
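The name-matching flaw described above, as an added example that is not part of the bug report and is not GnuTLS code: a C-string comparison stops at the embedded NUL, while a length-aware comparison rejects the name. The struct, function names and sample names are assumptions made for illustration; case folding and wildcard matching are left out.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A name as decoded from the certificate: raw bytes plus the length taken
 * from the ASN.1 encoding. The bytes may legally contain '\0'. */
struct cert_name {
    const char *data;
    size_t len;
};

/* Constructed samples: a CN with a NUL after the trusted host name, and a
 * clean CN for comparison. */
static const char nul_cn[] = "www.example.com\0.untrusted.example";
static const struct cert_name sample = { nul_cn, sizeof(nul_cn) - 1 };
static const struct cert_name clean = { "www.example.com", 15 };

/* Flawed check: treats the bytes as a C string, so the comparison ends at
 * the first NUL and the rest of the name is never looked at. */
int match_cstring(const struct cert_name *n, const char *host)
{
    return strcmp(n->data, host) == 0;
}

/* Length-aware check: a name containing NUL cannot be a valid host name and
 * is rejected; otherwise every encoded byte takes part in the comparison. */
int match_length_aware(const struct cert_name *n, const char *host)
{
    if (memchr(n->data, '\0', n->len) != NULL)
        return 0;
    if (strlen(host) != n->len)
        return 0;
    return memcmp(n->data, host, n->len) == 0;
}

int main(void)
{
    const char *host = "www.example.com";

    printf("NUL name,   C-string check:     %d\n", match_cstring(&sample, host));
    printf("NUL name,   length-aware check: %d\n", match_length_aware(&sample, host));
    printf("clean name, length-aware check: %d\n", match_length_aware(&clean, host));
    return 0;
}
```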
Upstream announcement: http://article.gmane.org/gmane.network.gnutls.general/1733
Note: 2.8.2 contains one unintended change that can cause a NULL deref crash and is already reverted in upstream git: http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3725/focus=3768
gnutls-2.6.6-2.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/gnutls-2.6.6-2.fc11
gnutls-2.4.2-4.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/gnutls-2.4.2-4.fc10
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2009:1232 https://rhn.redhat.com/errata/RHSA-2009-1232.html
gnutls-2.6.6-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
gnutls-2.4.2-5.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.