diff options
author | Simon Josefsson <simon@josefsson.org> | 2006-08-11 23:03:23 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2006-08-11 23:03:23 +0000 |
commit | 187b85b5dbfe1a5b7d9967d528c02d2d8aff272b (patch) | |
tree | 7de290e91be1f220821c139793c6667d01eb4781 | |
parent | 8e1c73d2275957e7fc5b171bf805da9bb39282b9 (diff) | |
download | gnutls_1_4_2.tar.gz |
Fix.gnutls_1_4_2
-rw-r--r-- | NEWS | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -9,8 +9,12 @@ See the end for copying conditions. This can happen if you call gnutls_certificate_verify_peers2 and have a certain mix of local CA certificates and the peer send special certificates, that together trigger certain behaviour. It is not -known whether the crash can be triggered without the special local CA -certificate. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. +known at this point whether the crash can be triggered without the +special local CA certificate, and thus turn this into a remote crash +of clients that verify server certificates when they talk to a server +with the special server certificate. See GNUTLS-SA-2006-2 on +http://www.gnu.org/software/gnutls/security.html for more up to date +information. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. ** Change SRP and Cert-Type extensions to match IANA registry. |