[exim-dev] [Bug 1664] OSCP stapling with GnuTLS results in d…

Top Page
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1664] OSCP stapling with GnuTLS results in dropped connections
https://bugs.exim.org/show_bug.cgi?id=1664

--- Comment #4 from Jeremy Harris <jgh146exb@???> ---
Untested as yet, but a commit addressing this has been made in the GnuTLS code
(https://gitlab.com/gnutls/gnutls.git 1965e2c2f724 +branches). Unsafe versions
are 3.4.3 & 3.3.16 . It seems best to disable Exim's use of OCSP for those
(and earlier) runtime versions of the library, but I don't know what effect
this will have on a distro which pulls in the GnuTLS patch without changing the
GnuTLS version number. Presumably they'll be no worse off if they do that and
do not pull in the Exim patch, nor any further Exim release prior to a new
GnuTLS release.

--
You are receiving this mail because:
You are on the CC list for the bug.