]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 4a1c04c) | patch
gnutls: Backport certificate check fix
authorJussi Kukkonen <jussi.kukkonen@intel.com>
Mon, 10 Oct 2016 08:30:01 +0000 (11:30 +0300)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 11 Oct 2016 07:26:09 +0000 (08:26 +0100)
commitd7e97992befd3fa5c1c6616652a3aa723d08c531
tree6aab186860e6f34fe6b6aa6b4cdc2395320fb823tree | snapshot
parent4a1c04c0d509b2cda9b2ccd5a80523c05fa279c6commit | diff
gnutls: Backport certificate check fix

Previously the OCSP certificate check wouldn't verify the serial
length and could succeed in cases it shouldn't (CVE-2016-7444).

Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-support/gnutls/gnutls/CVE-2016-7444.patch [new file with mode: 0644] blob
meta/recipes-support/gnutls/gnutls_3.5.3.bb diff | blob | history
Mirror of the official openembedded-core repository