File CVE-2008-4989.patch of Package gnutls

Index: gnutls-2.4.1/lib/x509/verify.c
===================================================================
--- gnutls-2.4.1.orig/lib/x509/verify.c
+++ gnutls-2.4.1/lib/x509/verify.c
@@ -414,17 +414,6 @@ _gnutls_x509_verify_certificate (const g
     }
 #endif
 
-  /* Check if the last certificate in the path is self signed.
-   * In that case ignore it (a certificate is trusted only if it
-   * leads to a trusted party by us, not the server's).
-   */
-  if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
-				    certificate_list[clist_size - 1]) > 0
-      && clist_size > 0)
-    {
-      clist_size--;
-    }
-
   /* Verify the certificate path (chain) 
    */
   for (i = clist_size - 1; i > 0; i--)