Bug 1789867

Summary: Gnutls needs to set the invalid bit when a certificate is revoked
Product: Red Hat Enterprise Linux 8 Reporter: Steve Grubb <sgrubb>
Component: gnutlsAssignee: Daiki Ueno <dueno>
Status: CLOSED ERRATA QA Contact: Alexander Sosedkin <asosedki>
Severity: high Docs Contact:
Priority: high    
Version: 8.2CC: asosedki, dueno, jpazdziora, jreznik, lmiksik, szidek
Target Milestone: rcKeywords: Triaged
Target Release: 8.2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: gnutls-3.6.14-3.el8 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 01:55:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1789392    
Bug Blocks: 1761915, 1825061    

Description Steve Grubb 2020-01-10 15:35:38 UTC 
Description of problem:
During certificate validation, when OSCP says that a certificate is revoked, the invalid bit needs to be set in the error code. Currently, revoked is returned without the invalid bit set.
Comment 4 Jan Pazdziora 2020-01-21 08:47:24 UTC 
Is this about https://gitlab.com/gnutls/gnutls/merge_requests/1159 or something different?
Comment 13 errata-xmlrpc 2020-11-04 01:55:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (gnutls bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4526