http://arstechnica.c...to-eavesdropping/
Here's the word from the GnuTLS developers:
http://www.gnutls.or...#GNUTLS-SA-2014-2
A vulnerability was discovered that affects the certificate verification functions of all gnutls versions. A specially crafted certificate could bypass certificate validation checks.
It's pretty serious. As one of the Ars commenters points out, it's not end-users who are going to cause problems, as they generally update pretty regularly; it's large-scale webhosts for whom the testing and rollout of a patch like this is a Big Deal.