1065239 – X.509v1 certificate verification issue

Bug 1065239 - X.509v1 certificate verification issue

Summary: X.509v1 certificate verification issue

Keywords:
Status:	CLOSED DUPLICATE of bug 1065094
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	gnutls
Sub Component:
Version:	20
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-02-14 07:46 UTC by Nikos Mavrogiannopoulos
Modified:	2014-02-14 08:07 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-02-14 08:07:18 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1065094	0	medium	CLOSED	CVE-2014-1959 gnutls: certificate verification flaw (GNUTLS-SA-2014-1) [fedora-all]	2021-02-22 00:41:40 UTC

Description Nikos Mavrogiannopoulos 2014-02-14 07:46:26 UTC

Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default (something that deviates from the documented behavior). 

http://www.gnutls.org/security.html#GNUTLS-SA-2014-1

Comment 1 Nikos Mavrogiannopoulos 2014-02-14 08:07:18 UTC


*** This bug has been marked as a duplicate of bug 1065094 ***

Note You need to log in before you can comment on or make changes to this bug.