diff options
Diffstat (limited to 'security/gnutls/files/patch-CVE-2008-4989')
| -rw-r--r-- | security/gnutls/files/patch-CVE-2008-4989 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/security/gnutls/files/patch-CVE-2008-4989 b/security/gnutls/files/patch-CVE-2008-4989 new file mode 100644 index 000000000000..0fcbc839f437 --- /dev/null +++ b/security/gnutls/files/patch-CVE-2008-4989 @@ -0,0 +1,20 @@ +--- lib/x509/verify.c.orig 2008-09-16 00:04:19.000000000 +0400 ++++ lib/x509/verify.c 2008-11-14 16:06:59.000000000 +0300 +@@ -414,17 +425,6 @@ + } + #endif + +- /* Check if the last certificate in the path is self signed. +- * In that case ignore it (a certificate is trusted only if it +- * leads to a trusted party by us, not the server's). +- */ +- if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], +- certificate_list[clist_size - 1]) > 0 +- && clist_size > 0) +- { +- clist_size--; +- } +- + /* Verify the certificate path (chain) + */ + for (i = clist_size - 1; i > 0; i--) |