This bug was fixed in the package gnutls13 - 2.0.4-1ubuntu2.5

---------------
gnutls13 (2.0.4-1ubuntu2.5) hardy-security; urgency=low

  * Fix for certificate chain regressions introduced by fixes for
    CVE-2008-4989
  * debian/patches/91_CVE-2008-4989.diff: updated to upstream's final
    2.4.2 - 2.4.3 patchset for lib/x509/verify.c to fix CVE-2008-4989 and
    address all known regressions. To summarize from upstream:
    - Fix X.509 certificate chain validation error (CVE-2008-4989)
    - Fix chain verification for chains that end with RSA-MD2 CAs
      (LP: #305264)
    - Deprecate X.509 validation chains using MD5 and MD2 signatures
    - Accept chains where intermediary certs are trusted (LP: #305264)

 -- Jamie Strandboge <ja...@ubuntu.com>  Fri, 20 Feb 2009 13:02:36 -0600

** Changed in: gnutls13 (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

--
gnutls regression: failure in certificate chain validation
https://bugs.launchpad.net/bugs/305264