VyOS Networks Blog

A security issue in GnuTLS (GNUTLS-SA-2014-3) can cause client memory corruption if the server sends specially crafted ServerHello.

The only thing that uses GnuTLS in VyOS is apt-transport-https, so avoid installing packages from untrusted servers via HTTPS until the fix is available.

We are looking into including the fix in the next maintenance release.