crypt32(3/4): Don't assume intermediate certificates are allowed to be CAs
Juan Lang
juan.lang at gmail.com
Tue Feb 10 21:01:28 CST 2009
This should fix the vulnerability Microsoft described in their
security bulletin MS02-050. Note that all CAs installed in the last
however many years conform, that is, contain the basic constraints
extension, so there wasn't in fact an exploitable vulnerability in
Wine here unless a bad root cert were imported. Nonetheless, it's the
Right Thing To Do, and it makes Wine conform just a wee bit better to
recent versions of Windows.
--Juan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0012-Don-t-assume-intermediate-certificates-are-allowed-t.patch
Type: text/x-diff
Size: 4301 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20090210/353762e5/attachment-0001.patch
More information about the wine-patches
mailing list