The _gnutls_x509_verify_certificate fix
Andreas Metzler
ametzler at downhill.at.eu.org
Wed Nov 12 19:36:55 CET 2008
On 2008-11-12 Simon Josefsson <simon at josefsson.org> wrote:
> Simon Josefsson <simon at josefsson.org> writes:
>>> Applying this to 2.4.2 this does away with the crash, however it does
>>> not fix the advisory anymore. (The way to reproduce described in
>>> http://news.gmane.org/find-root.php?message_id=%3c4918143A.3050103%40gmx.net%3e
>>> works again.
>> Really? I think the patch should solve both the crash and the
>> advisory. Are you sure you used the right library?
> I've tested the patch and it appears to fix both the crash and the
> vulnerability. Please test it again.
[...]
You are right, sorry for the noise. Do not know what happened
yesterday.
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel
mailing list