The "validate" method on Validate for X509Certificate always return true for version 0.12.0

rusticata / x509-parser

X.509 parser written in pure Rust. Fast, zero-copy, safe.

Other

206 stars 67 forks source link

Closed Kxuan closed 2 years ago

Kxuan commented 2 years ago

The newest releases on "crates.io" is 0.12.0. But it has a security bug.

The docuemt says,

The "validate" method:

Returns true if item was validated.

But the "validate" method also return true if item was INVALIDATE.

This bug is fixed by this commit. But it has not been releases.

Please release a new version to fix this bug.

chifflier commented 2 years ago

Closing, version 0.13.0 has been released Thanks