FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GnuTLS -- flaw in DTLS protocol implementation

Affected packages
gnutls < 3.6.13


VuXML ID d887b3d9-7366-11ea-b81a-001cc0382b2f
Discovery 2020-03-31
Entry 2020-03-31

The GnuTLS project reports:

It was found that GnuTLS 3.6.3 introduced a regression in the DTLS protocol implementation. This caused the DTLS client to not contribute any randomness to the DTLS negotiation breaking the security guarantees of the DTLS protocol.