)]}'
{
  "commit": "db731f0c4dd75e112e2abdfbe9443065742e58c3",
  "tree": "0f966f0d402c8a2436833105d6d11431710c6877",
  "parents": [
    "9cfca9fe7aa7a8e29b92fe33ce8433e212c9a8ba"
  ],
  "author": {
    "name": "James Bottomley",
    "email": "James.Bottomley@HansenPartnership.com",
    "time": "Wed Apr 15 10:06:02 2026 -0400"
  },
  "committer": {
    "name": "James Bottomley",
    "email": "James.Bottomley@HansenPartnership.com",
    "time": "Thu Apr 30 20:06:29 2026 -0700"
  },
  "message": "sbverify: fix intermediate certificate verification\n\nOpenssl verification of partial chains cannot be fixed by checking\nerror codes in the verify callback (because the errors for\nintermediate verified OK and failed are identical).  Instead they must\nbe fixed by setting the verification flag X509_V_FLAG_PARTIAL_CHAIN\nwhich treats any intermediate cert found as a CA.\n\nFixes: df27a41 (\"sbverify: fix verification with intermediate certificates\")\nTested-by: evilteq@anddroptable.net\nTested-by: Steve McIntyre \u003csteve@einval.com\u003e\nSigned-off-by: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8f14f3526026d12210e5e98cada9be37bb21d40c",
      "old_mode": 33188,
      "old_path": "src/sbverify.c",
      "new_id": "422b3e0e9ce036147a04f2e6a0a237c0ce4013af",
      "new_mode": 33188,
      "new_path": "src/sbverify.c"
    }
  ]
}