Archives
Archives
| From: | "Daniel Black (dragonheart)" <dragonheart@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo-x86 commit in net-libs/gnutls/files: gnutls-2.2.5-CVE-2008-4989-V2.patch |
| Date: | Tue, 18 Nov 2008 11:54:25 |
| Message-Id: | E1L2P9y-0003Qm-RW@stork.gentoo.org |
| 1 | dragonheart 08/11/18 11:54:22 |
| 2 | |
| 3 | Added: gnutls-2.2.5-CVE-2008-4989-V2.patch |
| 4 | Log: |
| 5 | fixed cve patch as per bug #246976 - thanks parafin |
| 6 | (Portage version: 2.2_rc14/cvs/Linux 2.6.25-gentoo-r7 x86_64) |
| 7 | |
| 8 | Revision Changes Path |
| 9 | 1.1 net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch |
| 10 | |
| 11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch?rev=1.1&view=markup |
| 12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-libs/gnutls/files/gnutls-2.2.5-CVE-2008-4989-V2.patch?rev=1.1&content-type=text/plain |
| 13 | |
| 14 | Index: gnutls-2.2.5-CVE-2008-4989-V2.patch |
| 15 | =================================================================== |
| 16 | --- gnutls-2.4.1/lib/x509/verify.c.orig 2008-07-01 06:45:51.000000000 +1000 |
| 17 | +++ gnutls-2.4.1/lib/x509/verify.c 2008-11-07 16:48:08.000000000 +1100 |
| 18 | @@ -414,17 +425,6 @@ |
| 19 | } |
| 20 | #endif |
| 21 | |
| 22 | - /* Check if the last certificate in the path is self signed. |
| 23 | - * In that case ignore it (a certificate is trusted only if it |
| 24 | - * leads to a trusted party by us, not the server's). |
| 25 | - */ |
| 26 | - if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], |
| 27 | - certificate_list[clist_size - 1]) > 0 |
| 28 | - && clist_size > 0) |
| 29 | - { |
| 30 | - clist_size--; |
| 31 | - } |
| 32 | - |
| 33 | /* Verify the certificate path (chain) |
| 34 | */ |
| 35 | for (i = clist_size - 1; i > 0; i--) |