[gnutls-devel] GnuTLS | Tautological assertion in pkcs11-mock4.c never validates initialization flags (#1902)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Wed Jun 10 02:41:22 CEST 2026
Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/work_items/1902#note_3439652475
> `assert(!(init_args->flags & LOCK_FLAGS) != LOCK_FLAGS);`
The upstream code never had this; those asserts were introduced in CentOS Stream 9 when backporting:
https://gitlab.com/redhat/centos-stream/rpms/gnutls/-/blob/b0f3d6f1b736169d26b3ba645773762b202c3d31/gnutls-3.8.10-CVE-2025-9820.patch#L120
Could you report it there:
https://docs.centos.org/centos-stream-docs/bugs/
I'm closing this as invalid.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/work_items/1902#note_3439652475
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/5-b09d3gjhrfrjpzogf1qrqpxt0-a84t7/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260610/d786588d/attachment-0001.html>
More information about the Gnutls-devel
mailing list