2 matches found
JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle...
Moderate: Red Hat Security Advisory: gnutls security update
Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library provides support for cryptographic algorithms and for protocols such as...