I try to find the bug under Bugzilla. I think is already here and will solve it. Also under lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
The GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them:
It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. It is aimed to be portable and efficient with focus on security and interoperability.Updated gnutls packages that fix one security issue read more about this here.