diff options
author | Simon Josefsson <simon@josefsson.org> | 2006-08-11 23:03:06 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2006-08-11 23:03:06 +0000 |
commit | e8681c22588bd69ad0ed715553c67600576d2a81 (patch) | |
tree | de6833d78a8a8295a0ea1f53336c3c4d04eba2e5 /NEWS | |
parent | 50d8fbbbbd137e0bbf00fd11b28607b13c741ab5 (diff) | |
download | gnutls-e8681c22588bd69ad0ed715553c67600576d2a81.tar.gz |
Fix.
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -9,8 +9,12 @@ See the end for copying conditions. This can happen if you call gnutls_certificate_verify_peers2 and have a certain mix of local CA certificates and the peer send special certificates, that together trigger certain behaviour. It is not -known whether the crash can be triggered without the special local CA -certificate. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. +known at this point whether the crash can be triggered without the +special local CA certificate, and thus turn this into a remote crash +of clients that verify server certificates when they talk to a server +with the special server certificate. See GNUTLS-SA-2006-2 on +http://www.gnu.org/software/gnutls/security.html for more up to date +information. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. ** Change SRP and Cert-Type extensions to match IANA registry. |