[gnutls-devel] GnuTLS | GnuTLS has incomplete fix for CVE-2023-5981 (#1522)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Feb 19 15:29:07 CET 2024




Andrea Mattiazzo commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1522#note_1779194843

Thanks @dueno for the info. Just as confirmation, I saw that rsa_psk.c was added in version 3.2.4 ([commit])(https://gitlab.com/gnutls/gnutls/-/commit/6d25d31976892cadd8c8cef7c93509bd6ede7dbe), so we could consider the version from 3.2.4 to 3.2.17 as not affected?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1522#note_1779194843
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240219/0cf284c1/attachment.html>


More information about the Gnutls-devel mailing list