[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#13406: 24.2.92; gnus fails imap connection with TLS
From: |
Ted Zlatanov |
Subject: |
bug#13406: 24.2.92; gnus fails imap connection with TLS |
Date: |
Wed, 16 Jan 2013 09:09:06 -0500 |
User-agent: |
Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3.50 (gnu/linux) |
On Tue, 15 Jan 2013 11:24:29 +0100 Rainer Orth <ro@CeBiTec.Uni-Bielefeld.DE>
wrote:
RO> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Can you try from the command line, with `gnutls-cli'?
RO> gnutls-cli isn't installed on Solaris 11, so I built the upstream
RO> version of gnutls 2.8.6 myself. With the unchanged version, imap with
RO> TLS works fine. I've then dug up the build receipe on opensolaris.org
RO> and found that the fix for CVE-2012-1573 is wrong: while upstream
RO>
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=422214868061370aeeb0ac9cd0f021a5c350a57d;hp=cfea38b5482c21fe6ddffaddc59a0040f80bd578
RO> uses a ciphertext.size < hash_size test, Solaris has
RO>
http://src.opensolaris.org/source/xref/jds/spec-files/branches/gnome-2-30-s11update/patches/gnutls-02-cve-2012-1573.diff
>> hash_size instead.
RO> So the report is invalid and I'll report upstream.
Thank you for the thoroughness, it saves us a lot of work! Marking this
bug as done.
Ted