Mandriva Linux Security Advisory 2014-109 - A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.
2dac6f0975791c3374b1c28f1e4f21fe44bba9a3591e659d6062a5f8cff8a5d6