Comment 16 for bug 305264

This bug was fixed in the package gnutls26 - 2.4.1-1ubuntu0.2

---------------
gnutls26 (2.4.1-1ubuntu0.2) intrepid-security; urgency=low

  * Fix for regression where some valid certificate chains would be untrusted
    - Update debian/patches/20_CVE-2008-4989.diff to check if last certificate
      is self-signed and prevent verifying self-signed certificates against
      themselves. Patch from upstream.
    - http://lists.gnu.org/archive/html/gnutls-devel/2008-12/msg00008.html
    - LP: #305264

 -- Jamie Strandboge <email address hidden> Fri, 05 Dec 2008 14:36:48 -0600