hel-abi-compatibility
3 - https://access.redhat.com/security/updates/backporting
4 - https://access.redhat.com/support/policy/updates/errata
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republi
security critical bits"
It still results in a denial of service. Yes, far less severe than private key
leak or remote code execution, but a severe vulnerability none the less.
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r
routines:OCSP_basic_verify:signer
certificate not found:ocsp_vfy.c:85:
ca/cert.pem: good
This Update: Sep 23 12:12:28 2014 GMT
will be accepted as being trustworthy.
Note that "Response verify OK" is printed on stderr, so it can't
be discarded.
Signed-off-by: Hubert Kario <hka...@redhat.com&
in case the reposnses are too old, ocsp tool can return text like this:
Response verify OK
ca/cert.pem: WARNING: Status times invalid.
139990703290240:error:2707307D:OCSP routines:OCSP_check_validity:status
expired:ocsp_cl.c:358:
good
This Update: Sep 21 12:12:48 2014 GMT
Next
://github.com/OpenVPN/openvpn/pull/17
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hka...@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic