Hi Rene, > Is there any chance of this being exploitable other than by causing > a DoS based on admin-created configuration?
No. As far as I can see, this only happens if multiple certificates are stored with the same ID on one smartcard. That's the only case the added certificate object is actually the same as one of the stored objects. Which is a bug itself, introduced with 4.3.6, so the proper fix for this problem is the patch I just added to the bug report (and will push to master if it fixes the problem). Thanks and regards, Tobias -- pluto crashes with segfault https://bugs.launchpad.net/bugs/664371 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
