The gnutls library was updated to fix SSL certificate
validation. Remote man-in-the-middle attackers were able to
make the verification believe that a SSL certificate is
valid even though it was not. Also the TLS-CBC timing
attack vulnerability was fixed.