On 02/13/2013 10:29 AM, Kurt Seifried wrote:
Please use CVE-2012-6127 for this issue.
Ok I should have looked into this deeper, it looks like it may
not be a security issue but I'm not 100% certain, so for now I
will leave this, and if someone can show there is no security
impact I'll reject it. Sorry for the mixup.
This bug will cause valid certificates to be rejected, but not for
invalid certificates to be accepted. Please reject the CVE.