The _gnutls_x509_verify_certificate fix

Andreas Metzler ametzler at
Wed Nov 12 19:36:55 CET 2008

On 2008-11-12 Simon Josefsson <simon at> wrote:
> Simon Josefsson <simon at> writes:

>>> Applying this to 2.4.2 this does away with the crash, however it does
>>> not fix the advisory anymore. (The way to reproduce described in
>>> works again.

>> Really?  I think the patch should solve both the crash and the
>> advisory.  Are you sure you used the right library?

> I've tested the patch and it appears to fix both the crash and the
> vulnerability.  Please test it again.

You are right, sorry for the noise. Do not know what happened
cu andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Gnutls-devel mailing list