[oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users

Бранко Мајић branko at majic.rs
Fri May 11 18:50:14 CEST 2012


A small curiosity - this function only supports working with single
large file? No support for something like hashed directory
(OpenSSL-style)?

On Fri, 11 May 2012 13:55:50 +0200
Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:

> On Mon, May 7, 2012 at 1:06 PM, Sam Varshavchik
> <mrsam at courier-mta.com> wrote:
> 
> > Debian installs /etc/ssl/certs/ca-certificates.crt. Fedora, and its
> > derivations, (Red Hat, Cent-OS) have /etc/pki/tls/cert.pem
> > installed. FreeBSD has /usr/local/share/certs/ca-root-nss.crt
> > The standard practice on Fedora is to have applications configured
> > or patched to use its default /etc/pki/tls/cert.pem certificate
> > bundle.
> 
> Thanks to Ludwig the next releases of gnutls would include a new
> function, gnutls_certificate_set_x509_system_trust(), which will use
> the system's trusted certificates, which are determined at configure
> time. Are there any comments or suggestions on this functionality?
> 
> regards,
> Nikos
> 
> _______________________________________________
> Gnutls-devel mailing list
> Gnutls-devel at gnu.org
> https://lists.gnu.org/mailman/listinfo/gnutls-devel


-- 
Branko Majic
Jabber: branko at majic.rs
Please use only Free formats when sending attachments to me.

Бранко Мајић
Џабер: branko at majic.rs
Молим вас да додатке шаљете искључиво у слободним форматима.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: </pipermail/attachments/20120511/201f36a9/attachment.pgp>


More information about the Gnutls-devel mailing list