[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users |
Date: |
Fri, 11 May 2012 13:55:50 +0200 |
On Mon, May 7, 2012 at 1:06 PM, Sam Varshavchik <address@hidden> wrote:
> Debian installs /etc/ssl/certs/ca-certificates.crt. Fedora, and its
> derivations, (Red Hat, Cent-OS) have /etc/pki/tls/cert.pem installed.
> FreeBSD has /usr/local/share/certs/ca-root-nss.crt
> The standard practice on Fedora is to have applications configured or
> patched to use its default /etc/pki/tls/cert.pem certificate bundle.
Thanks to Ludwig the next releases of gnutls would include a new function,
gnutls_certificate_set_x509_system_trust(), which will use the system's
trusted certificates, which are determined at configure time. Are there any
comments or suggestions on this functionality?
regards,
Nikos
Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users, Sam Varshavchik, 2012/05/07
- Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users,
Nikos Mavrogiannopoulos <=
Re: Fwd: Re: [oss-security] CVE Request: evolution-data-server lacks SSL checking in its libsoup users, Ludwig Nussel, 2012/05/07