Red Hat Bugzilla – Bug 1250175
glib-networking reinvents X509 cert chain checking, gets it wrong.
Last modified: 2016-04-12 10:04:42 EDT
Evolution is reporting that our IMAP server has an expired cert. It doesn't; it's just that for some reason glib-networking has reimplemented a bunch of security-sensitive code instead of just using GnuTLS as it should. And has got it wrong.
Full details in upstream bug.
*** Bug 1286034 has been marked as a duplicate of this bug. ***
(Since we're not currently aware of any security issues in this code affecting current releases, I don't think we need to backport anything here.)