OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.Referenceshttp://marc.info/?l=bugtraq&m=107003609308765&w=2
