Bug#501077: gnutls: openssl-compat out of bounds memory access when getting certificate issuer DN
Thomas Viehmann
tv at beamnet.de
Mon Oct 6 08:55:10 UTC 2008
Hi,
thanks for the swift reply.
On 2008-10-06 10:20:59.00 Simon Josefsson <simon at josefsson.org> wrote:
Thanks for the report and patch. It is solved in the just released
> v2.6.0.
The patch might be tiny, but comparing
http://bugs.debian.org/501077
to
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=b5d38b2c1c2583934815eebbc9cd4c4ea43c11c1
I'd say mine was more correct:
- if (gnutls_x509_extract_certificate_dn (&cert[1], dn) < 0)
+ if (gnutls_x509_extract_certificate_issuer_dn (cert, dn) < 0)
^^^^^^
Kind regards
T.
More information about the Pkg-gnutls-maint
mailing list