From: | "Daniel Black (dragonheart)" <dragonheart@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in net-libs/gnutls/files: gnutls-2.2.5-CVE-2008-4989-V2.patch |
Date: | Tue, 18 Nov 2008 11:54:25 |
Message-Id: | E1L2P9y-0003Qm-RW@stork.gentoo.org |
1 | dragonheart 08/11/18 11:54:22 |
2 | |
3 | Added: gnutls-2.2.5-CVE-2008-4989-V2.patch |
4 | Log: |
5 | fixed cve patch as per bug #246976 - thanks parafin |
6 | (Portage version: 2.2_rc14/cvs/Linux 2.6.25-gentoo-r7 x86_64) |
7 | |
8 | Revision Changes Path |
9 | 1.1 net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch |
10 | |
11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch?rev=1.1&view=markup |
12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch?rev=1.1&content-type=text/plain |
13 | |
14 | Index: gnutls-2.2.5-CVE-2008-4989-V2.patch |
15 | =================================================================== |
16 | --- gnutls-2.4.1/lib/x509/verify.c.orig 2008-07-01 06:45:51.000000000 +1000 |
17 | +++ gnutls-2.4.1/lib/x509/verify.c 2008-11-07 16:48:08.000000000 +1100 |
18 | @@ -414,17 +425,6 @@ |
19 | } |
20 | #endif |
21 | |
22 | - /* Check if the last certificate in the path is self signed. |
23 | - * In that case ignore it (a certificate is trusted only if it |
24 | - * leads to a trusted party by us, not the server's). |
25 | - */ |
26 | - if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], |
27 | - certificate_list[clist_size - 1]) > 0 |
28 | - && clist_size > 0) |
29 | - { |
30 | - clist_size--; |
31 | - } |
32 | - |
33 | /* Verify the certificate path (chain) |
34 | */ |
35 | for (i = clist_size - 1; i > 0; i--) |