CVE-2008-4989 patch causes segfault with certain certificates and gnutls 2.4.x
Axel Theilmann
at at pre-secure.de
Wed Jan 21 12:23:48 CET 2009
Simon Josefsson wrote:
moin,
> The code in 2.6.3 should work equally well to 2.4.x as well, and I
> believe it will solve the problem with crashes. So I suggest you ask
> the OpenSUSE team to compare 2.6.0 with 2.6.3 and apply the relevant
> patch. Btw, 2.4.2 also contains a fix for another crash that may be
> useful to apply.
ok, thanks. i'll open a bug with opensuse.
tty, axel
--
Dipl.-Inform. Axel Theilmann at at pre-secure.de
Senior Researcher Phone (+49) 040 / 8080 77 - 880
Fax (+49) 040 / 8080 77 - 877
PRESECURE Consulting GmbH, Muenster AG Münster, HRB 6581
Geschäftsführer/Managing Director Dr. Klaus-Peter Kossakowski
CarmentiS - Early Warning Expertise
https://www.carmentis.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090121/111faf16/attachment.pgp>
More information about the Gnutls-devel
mailing list