gnutls
Page content
- Author: kikadf
- Vulnerable: 2.12.17-1
- Unaffected: 2.12.17-2arcturus1
Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported sucessfully even in cases were an error would prevent all verification steps to be performed. Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by default.