The GNU Transport Layer Security Library (GnuTLS) patched a vulnerability hidden in code for nearly two years. The issue applies to a flaw in how TLS 1.3 session resumption works without a master key. As a result, an attacker could exploit and launch man-in-the-middle (MITM) attacks.
Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.