Gentoo Linux Security Advisory GLSA 200901-10 - A certificate validation error in GnuTLS might allow for spoofing attacks. Martin von Gagern reported that the _gnutls_x509_verify_certificate() function in lib/x509/verify.c trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate. Versions less than 2.4.1-r2 are affected.
546a34c942ac770823964c45d53398b233b2efafe5e1b7e29d324f13c99ef895