VyOS Networks Blog

Building an open source network OS for the people, together.


Daniil Baturin
Posted 2 Jun, 2014

A security issue in GnuTLS (GNUTLS-SA-2014-3) can cause client memory corruption if the server sends specially crafted ServerHello.

The only thing that uses GnuTLS in VyOS is apt-transport-https, so avoid installing packages from untrusted servers via HTTPS until the fix is available.

We are looking into including the fix in the next maintenance release.

The post categories: