[Epel-packagers-sig] [Bug 2087911] CVE-2022-1343 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS

25 May 2022


      https://bugzilla.redhat.com/show_bug.cgi?id=2087911
--- Doc Text *updated* by RaTasha Tillery-Smith rtillery@redhat.com ---
A flaw was found in OpenSSL's Online Certificate Status Protocol (OCSP) response functionality in the signer certificate verification routines. This flaw could result in a linked application falsely believing that an x.509 Digital Certificate is either "good" or "unknown" when revoked and requires that the application use a non-default configuration. This vulnerability leads to an issue with data integrity and confidentiality.
-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2087911

2024

2023

2022

2021

[Epel-packagers-sig] [Bug 2087911] CVE-2022-1343 openssl: Signer certificate verification returns inaccurate response when using OCSP_NOCHECKS