Comment 14 for bug 305264

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls13 - 1.6.3-1ubuntu0.3

---------------
gnutls13 (1.6.3-1ubuntu0.3) gutsy-security; urgency=low

  * Fix for regression where some valid certificate chains would be untrusted
    - Update debian/patches/91_CVE-2008-4989.diff to check if last certificate
      is self-signed and prevent verifying self-signed certificates against
      themselves. Patch from upstream.
    - http://lists.gnu.org/archive/html/gnutls-devel/2008-12/msg00008.html
    - LP: #305264

 -- Jamie Strandboge <email address hidden> Fri, 05 Dec 2008 14:49:34 -0600