bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#13406: 24.2.92; gnus fails imap connection with TLS

From: Ted Zlatanov
Subject: bug#13406: 24.2.92; gnus fails imap connection with TLS
Date: Wed, 16 Jan 2013 09:09:06 -0500
User-agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) 
On Tue, 15 Jan 2013 11:24:29 +0100 Rainer Orth <ro@CeBiTec.Uni-Bielefeld.DE> 
wrote: 

RO> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Can you try from the command line, with `gnutls-cli'?

RO> gnutls-cli isn't installed on Solaris 11, so I built the upstream
RO> version of gnutls 2.8.6 myself.  With the unchanged version, imap with
RO> TLS works fine.  I've then dug up the build receipe on opensolaris.org
RO> and found that the fix for CVE-2012-1573 is wrong: while upstream

RO> 
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=422214868061370aeeb0ac9cd0f021a5c350a57d;hp=cfea38b5482c21fe6ddffaddc59a0040f80bd578

RO> uses a ciphertext.size < hash_size test, Solaris has

RO> 
http://src.opensolaris.org/source/xref/jds/spec-files/branches/gnome-2-30-s11update/patches/gnutls-02-cve-2012-1573.diff

>> hash_size instead.

RO> So the report is invalid and I'll report upstream.

Thank you for the thoroughness, it saves us a lot of work!  Marking this
bug as done.

Ted
reply via email to
[Prev in Thread] Current Thread [Next in Thread]