[Bug 305264] Re: gnutls regression: failure in certificate chain validation
Launchpad Bug Tracker
305264 at bugs.launchpad.net
Thu Aug 13 18:54:50 BST 2009
This bug was fixed in the package gnutls26 - 2.4.1-1ubuntu0.3
---------------
gnutls26 (2.4.1-1ubuntu0.3) intrepid-security; urgency=low
* Fix for certificate chain regressions introduced by fixes for
CVE-2008-4989
* debian/patches/20_CVE-2008-4989.diff: updated to upstream's final
2.4.2 - 2.4.3 patchset for lib/x509/verify.c to fix CVE-2008-4989 and
address all known regressions. To summarize from upstream:
- Fix X.509 certificate chain validation error (CVE-2008-4989)
- Fix chain verification for chains that end with RSA-MD2 CAs (LP: #305264)
- Deprecate X.509 validation chains using MD5 and MD2 signatures
- Accept chains where intermediary certs are trusted (LP: #305264)
-- Jamie Strandboge <jamie at ubuntu.com> Fri, 20 Feb 2009 12:24:43
-0600
** Changed in: gnutls26 (Ubuntu Intrepid)
Status: Fix Committed => Fix Released
--
gnutls regression: failure in certificate chain validation
https://bugs.launchpad.net/bugs/305264
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
More information about the Ubuntu-server-bugs
mailing list