again
diff --git a/OpenSSL/crypto/x509ext.c b/OpenSSL/crypto/x509ext.c
index caa78b0..e075ae7 100644
--- a/OpenSSL/crypto/x509ext.c
+++ b/OpenSSL/crypto/x509ext.c
@@ -237,8 +237,10 @@
}
-/* Special handling of subjectAltName, see CVE-2013-4073 */
-
+/* Special handling of subjectAltName. OpenSSL's builtin formatter,
+ * X509V3_EXT_print, mishandles NUL bytes allowing a truncated display that
+ * does not accurately reflect what's in the extension.
+ */
int
crypto_X509Extension_str_san(crypto_X509ExtensionObj *self, BIO *bio)
{
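Review bot: The rewritten comment above crypto_X509Extension_str_san explains why X509V3_EXT_print is avoided, but it does not say what this function guarantees in its place, and it drops the only advisory reference without substituting another. The risk is a printed subjectAltName that differs from the encoded one, which matters to any caller that compares or displays the string for an identity decision. I would add the contract to the comment, for example `* Each GeneralName is written using its ASN.1 length, never as a NUL-terminated C string.`, provided that is what the body does; the body lies outside this hunk. If the old CVE id was removed because it pointed at the wrong advisory, cite the correct one (`see <advisory-id>`) so the reason for the special case stays traceable.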