Opened 11 years ago
Closed 8 years ago
#7542 closed defect (invalid)
Security issues in gnutls-2.2.1
| Reported by: | drkirkby | Owned by: | mvngu |
|---|---|---|---|
| Priority: | critical | Milestone: | sage-duplicate/invalid/wontfix |
| Component: | cryptography | Keywords: | |
| Cc: | david.kirkby@… | Merged in: | |
| Authors: | Reviewers: | Jeroen Demeyer | |
| Report Upstream: | Reported upstream. Developers acknowledge bug. | Work issues: | |
| Branch: | Commit: | ||
| Dependencies: | Stopgaps: |
Description
According to the Simon Josefsson, there are security issues with version 2.2.1.
"Unless you back-port security fixes to 2.2.x, you want to use the 2.8.x release to get proper security fixes."
There are two other issues with 2.2.1 I am aware of.
I do not know exactly what the bug is, but I'm told there are security issues with this release.
I tried to create a .spkg from the latest release, but that failed to build on Solaris 10 (SPARC) so was worst than the older release, though the developers tell me it should be ok.
dave
Change History (2)
comment:1 Changed 11 years ago by
- Cc david.kirkby@… added
comment:2 Changed 8 years ago by
- Milestone changed from sage-5.4 to sage-duplicate/invalid/wontfix
- Resolution set to invalid
- Reviewers set to Jeroen Demeyer
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
GNUTLS is no longer part of Sage.