commit | e06d47c70cbef8ae77efe0e64cde3e682b66cb05 | [log] [tgz] |
---|---|---|
author | Christian Heimes <christian@cheimes.de> | Sat Aug 17 00:58:00 2013 +0200 |
committer | Christian Heimes <christian@cheimes.de> | Sat Aug 17 00:58:00 2013 +0200 |
tree | 0ef0b5989302c49cc67e9f729d6cc26f97f260ce | |
parent | 01a513b5d3d94c281f8b0eb8916af51ccddf8534 [diff] | |
parent | a3811e4b8f70790a3dc8768a455cb8836670de37 [diff] |
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for rfc822Name (email), dNSName (DNS) and uniformResourceIdentifier (URI).