https://bugzilla.redhat.com/show_bug.cgi?id=2087911

--- Doc Text *updated* by RaTasha Tillery-Smith rtillery@redhat.com --- A flaw was found in OpenSSL's Online Certificate Status Protocol (OCSP) response functionality in the signer certificate verification routines. This flaw could result in a linked application falsely believing that an x.509 Digital Certificate is either "good" or "unknown" when revoked and requires that the application use a non-default configuration. This vulnerability leads to an issue with data integrity and confidentiality.