Details
Description
When negotiating a secure connection with a server (master or tablet server), Kudu Java client doesn't verify the channel binding information against the TLS certificate presented by the server.
Kudos to Andy Singer for pointing to the bug.