Mandrake Security Advisory MDVSA-2009:210 (gnutls)

The remote host is missing an update to gnutls announced via advisory MDVSA-2009:210.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability have been discovered and corrected in GnuTLS before 2.8.2, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (CVE-2009-2730). This update fixes this vulnerability. Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0