Bug#691864: libgnutls28: gnutls does not sort certificate chain to be verified

Tue Oct 30 14:00:07 UTC 2012

Package: libgnutls28
Version: 3.0.22-2
Severity: important

In gnutls 3.1 it is possible to verify authenticity of server that
supplies certificate chain which is not sorted.

eg. server has certificate S which is signed by intermediate I which is
signed by CA root R. The server supplies chain S R I which is verified
by gnutls 3.1 but not 3.0. Such servers exist in the wild so this is
clearly an interoporebility issue.

In gnutls 3.1.3 GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN flag is available and
defaults to on. When this flag is set such chain is verified without
issues.

Thanks

Michal

-- System Information:
Debian Release: 6.0.6
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing'), (400, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libgnutls28 depends on:
ii  libc6                    2.13-35         Embedded GNU C Library: Shared lib
ii  libgmp10                 2:5.0.5+dfsg-2  Multiprecision arithmetic library
ii  libhogweed2              2.5-1           low level cryptographic library (p
ii  libnettle4               2.5-1           low level cryptographic library (s
ii  libp11-kit0              0.12-3          Library for loading and coordinati
ii  libtasn1-3               2.14-2          Manage ASN.1 structures (runtime)
ii  multiarch-support        2.13-35         Transitional package to ensure mul
ii  zlib1g                   1:1.2.7.dfsg-13 compression library - runtime

libgnutls28 recommends no packages.

Versions of packages libgnutls28 suggests:
ii  gnutls-bin                    3.1.3-1    GNU TLS library - commandline util

-- no debconf information