diff options
| -rw-r--r-- | NEWS | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -9,8 +9,12 @@ See the end for copying conditions. This can happen if you call gnutls_certificate_verify_peers2 and have a certain mix of local CA certificates and the peer send special certificates, that together trigger certain behaviour. It is not -known whether the crash can be triggered without the special local CA -certificate. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. +known at this point whether the crash can be triggered without the +special local CA certificate, and thus turn this into a remote crash +of clients that verify server certificates when they talk to a server +with the special server certificate. See GNUTLS-SA-2006-2 on +http://www.gnu.org/software/gnutls/security.html for more up to date +information. Reported by satyakumar <satyam_kkd@hyd.hellosoft.com>. ** Change SRP and Cert-Type extensions to match IANA registry. |