NEWS: add an entry for #1810

author Alexander Sosedkin <asosedkin@redhat.com>

Wed, 29 Apr 2026 10:27:48 +0000 (12:27 +0200)

committer Alexander Sosedkin <asosedkin@redhat.com>

Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
author Alexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 10:27:48 +0000 (12:27 +0200)
committer Alexander Sosedkin <asosedkin@redhat.com>
Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)
diff --git a/NEWS b/NEWS

index 3914eaaa35057664ddfae7bc512e672d2b0be1d9..2c98dc6e4f5c3ad448a0ae6aee026c1830317e31 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -119,6 +119,12 @@ See the end for copying conditions.
     allow bypassing the GNUTLS_ALLOW_ID_CHANGE protection (#1808).
     Reported and fixed by Joshua Rogers of AISLE Research Team.
  
+** libgnutls: Fix OID length check for OCSP delegated signer EKU
+   The OCSP signing EKU OID was compared without verifying its length,
+   allowing a shorter OID that shares the same prefix to match.
+   The check now verifies the length as well (#1810).
+   Reported by Joshua Rogers of AISLE Research Team.
+
  ** build: Support building with Nettle 4.0
     Nettle 4.0 was released in Feburary 2026, with API incompatibile
     changes from 3.10. The library can now compile with it, while
author	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 29 Apr 2026 10:27:48 +0000 (12:27 +0200)
committer	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 29 Apr 2026 14:26:23 +0000 (16:26 +0200)