A vulnerability has been discovered and corrected in gnutls: A flaw was found in the way GnuTLS decrypted TLS record packets when using CBC encryption. The number of pad bytes read form the packet was not checked against the cipher text size, resulting in an out of bounds read. This could cause a TLS client or server using GnuTLS to crash . The updated packages have been patched to correct this issue.