[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#13406: 24.2.92; gnus fails imap connection with TLS
From: |
Rainer Orth |
Subject: |
bug#13406: 24.2.92; gnus fails imap connection with TLS |
Date: |
Tue, 15 Jan 2013 11:24:29 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.2.92 (usg-unix-v) |
Ted Zlatanov <tzz@lifelogs.com> writes:
> Can you try from the command line, with `gnutls-cli'?
gnutls-cli isn't installed on Solaris 11, so I built the upstream
version of gnutls 2.8.6 myself. With the unchanged version, imap with
TLS works fine. I've then dug up the build receipe on opensolaris.org
and found that the fix for CVE-2012-1573 is wrong: while upstream
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=422214868061370aeeb0ac9cd0f021a5c350a57d;hp=cfea38b5482c21fe6ddffaddc59a0040f80bd578
uses a ciphertext.size < hash_size test, Solaris has
http://src.opensolaris.org/source/xref/jds/spec-files/branches/gnome-2-30-s11update/patches/gnutls-02-cve-2012-1573.diff
> hash_size instead.
So the report is invalid and I'll report upstream.
Rainer
--
-----------------------------------------------------------------------------
Rainer Orth, Center for Biotechnology, Bielefeld University