Every version of GnuTLS found to be vulnerable to certification bypass.

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Every version of GnuTLS found to be vulnerable to certification bypass.

Thomas Gries
not 100% specific for MediaWiki, but be informed

*** to whom it may concern ***

Every version of GnuTLS found to be vulnerable to certification bypass.

See
http://packetstormsecurity.com/files/125521/GNU-Transport-Layer-Security-Library-3.2.12.html
and look on Twitter for gnutls

The relevant patch appears to be
https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l