Bug 832729
| Summary: | gnutls_certificate_get_issuer() returns invalid result because does lookups by name alone. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Woodhouse <dwmw2> |
| Component: | gnutls | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 17 | CC: | h.peter.anvin, jorton, tmraz |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-11-21 03:57:15 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
David Woodhouse
2012-06-16 21:29:06 UTC
Hm, I think I lie; it's fixed in 3.0.20 not 3.0.19. Note that this has not been fixed in any LGPLv2.1-licensed version of GnuTLS upstream; the fix is under LGPLv3. If you backport it, you probably need to ask the maintainer for permission or (less sanely) license your entire package under LGPLv3. (In reply to comment #2) > Note that this has not been fixed in any LGPLv2.1-licensed version of GnuTLS > upstream; the fix is under LGPLv3. If you backport it, you probably need to > ask the maintainer for permission or (less sanely) license your entire > package under LGPLv3. Untrue - it was released in 2.12.20 where the library is still LGPLv2.1. But thanks for this heads up - one more thing to remember to change in the .spec once we will move to 3.0 branch. Ah right. Nikos has pushed that fix and released 2.12.20 since I identified it. My local git tree still has the gnutls_2_12_x branch at the 2.12.19 release. No problem then (not that asking for permission would likely have been a problem either). I just ran into this problem... it is definitely a security hazard. Any chance this fix could be pushed? gnutls-2.12.20-4.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/gnutls-2.12.20-4.fc17 gnutls-2.12.14-4.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/gnutls-2.12.14-4.fc16 Package gnutls-2.12.20-4.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing gnutls-2.12.20-4.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-17641/gnutls-2.12.20-4.fc17 then log in and leave karma (feedback). Tested, and works as it should. gnutls-2.12.14-4.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. gnutls-2.12.20-4.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. |