GnuTLS CVE-2009-2730 Patches
Simon Josefsson
simon at josefsson.org
Thu Aug 20 16:18:46 CEST 2009
Btw, I just notice a problem with RedHat's patch, it appears to break
OpenPGP connections:
gnutls-cli -p 5556 test.gnutls.org --priority NORMAL:+CTYPE-OPENPGP:-CTYPE-X509
I get an error:
- The hostname in the certificate does NOT match 'test.gnutls.org'
But this is incorrect, the names do match.
Please test if that command works on your versions, otherwise you will
need this patch too:
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9eed44b4ef9538117cc134956b32bc8fd39534fd
I'll write a self-test to check this regression too.
/Simon
More information about the Gnutls-devel
mailing list