commit | 88b174c977f552ddcc5ff3078742a2922b236f83 | [log] [tgz] |
---|---|---|
author | Christian Heimes <christian@cheimes.de> | Sat Aug 17 00:54:47 2013 +0200 |
committer | Christian Heimes <christian@cheimes.de> | Sat Aug 17 00:54:47 2013 +0200 |
tree | e2cf01841a6ce776e79bdccac2c97019a6e65ded | |
parent | 326ec048bf082bf136ab3d6922fa3a89bc6d5892 [diff] |
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for rfc822Name (email), dNSName (DNS) and uniformResourceIdentifier (URI).