Create an account

Subscribe to LWN

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

openssl: certification error

Package(s):

openssl

CVE #(s):

CVE-2011-3207

Created:

September 12, 2011

Updated:

October 27, 2011

Description:

From the Red Hat bugzilla:

Under certain circumstances OpenSSL's internal certificate verification routines can incorrectly accept a CRL whose nextUpdate field is in the past.

Alerts:

Scientific Linux	SL-open-20111026	2011-10-26
Red Hat	RHSA-2011:1409-01	2011-10-26
openSUSE	openSUSE-SU-2011:1144-1	2011-10-18
Gentoo	201110-01	2011-10-09
Mandriva	MDVSA-2011:137	2011-09-28
Fedora	FEDORA-2011-12281	2011-09-08

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds