Summary: | <net-libs/gnutls-3.3.24: Certificate verification issue when used with the p11-kit trust module | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | alonbl, crypto+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1353843 | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
![]() Can be stabilize. amd64 stable x86 stable Stable for HPPA PPC64. Stable on alpha. arm stable sparc stable ppc stable 3.3.24-r1 in another bug (In reply to Agostino Sarubbo from comment #8) > ppc stable 3.3.24-r1 in another bug same for ia64 Cleaned up. @ Maintainer(s): Can you confirm that Gentoo did not build gnutls with "--with-default-trust-store-pkcs11"? (In reply to Thomas Deutschmann from comment #11) > @ Maintainer(s): Can you confirm that Gentoo did not build gnutls with > "--with-default-trust-store-pkcs11"? We have never explicitly enabled that, and based on what I see from source it is not enabled by default. (In reply to Alon Bar-Lev from comment #12) > We have never explicitly enabled that, and based on what I see from source > it is not enabled by default. Thanks. I came to the same conclusion. Therefore, lowering rating to B3. GLSA Vote: No All done, tree is clean. |