GnuTLS 2.2.4 - Security release [GNUTLS-SA-2008-1]

Simon Josefsson simon at
Mon May 19 21:43:32 CEST 2008

Simon Josefsson <simon at> writes:

> I don't understand why the self-tests didn't catch something like this
> though.

I looked into this, and the reason is that the self tests uses TLS 1.1
and uses record padding.  The incorrect debug message check was only
triggered for incoming packet shorter than the hash size plus the
blocksize, which can happen if the server sends a short message.  If TLS
1.1 is used, an IV is always sent so the packet becomes longer, or if
padding is used, the packet typically also becomes longer.

My patch in the other message appears to be the right thing.  I'll
release 2.2.5 with it.


More information about the Gnutls-devel mailing list