Introduced check to reject certificates with non-digits in time field

According to RFC5280 we should reject such certificates. Resolves: #870 Signed-off-by: Lili Quan <13132239506@163.com>
author: Lili Quan <13132239506@163.com> 2019-12-19 17:14:20 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2019-12-19 19:58:06 +0100
commit: 3cbeffcb7d4a70858b1c46fe955516b9eab0ef8e (patch)
tree: c49278bc3dc205c38ffbe09a5db856aad2eecc40 /NEWS
parent: 8d81203c987e717031a6ecfa0a25983f4471d3fc (diff)
download: gnutls-3cbeffcb7d4a70858b1c46fe955516b9eab0ef8e.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 05833c83ef..cf9deaadbb 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,8 @@ See the end for copying conditions.
 ** libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible
    with gnutls_ocsp_req_t but const.
 
+** libgnutls: Reject certificates with invalid characters in Time fields (#870).
+
 ** libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by
    draft-smyshlyaev-tls12-gost-suites-06).
    By default this ciphersuite is disabled. One has to add following items to priority strings:
author	Lili Quan <13132239506@163.com>	2019-12-19 17:14:20 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-12-19 19:58:06 +0100
commit	3cbeffcb7d4a70858b1c46fe955516b9eab0ef8e (patch)
tree	c49278bc3dc205c38ffbe09a5db856aad2eecc40 /NEWS
parent	8d81203c987e717031a6ecfa0a25983f4471d3fc (diff)
download	gnutls-3cbeffcb7d4a70858b1c46fe955516b9eab0ef8e.tar.gz