[Bug 2313] Corrupt KRL file when using multiple CA.
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Dec 11 11:32:00 EST 2014
https://bugzilla.mindrot.org/show_bug.cgi?id=2313
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Blocks| |2266
CC| |djm at mindrot.org
Resolution|--- |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Fixed in -current and will be released in OpenSSH 6.8:
> commit 9f9fad0191028edc43d100d0ded39419b6895fdf
> Author: djm at openbsd.org <djm at openbsd.org>
> Date: Mon Nov 17 00:21:40 2014 +0000
>
> upstream commit
>
> fix KRL generation when multiple CAs are in use
>
> We would generate an invalid KRL when revoking certs by serial
> number for multiple CA keys due to a section being written out
> twice.
>
> Also extend the regress test to catch this case by having it
> produce a multi-CA KRL.
>
> Reported by peter AT pean.org
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list