~ubuntu-branches/ubuntu/intrepid/gnutls26/intrepid-security

Viewing all changes in revision 10.

  • Committer: Bazaar Package Importer
  • Author(s): Jamie Strandboge
  • Date: 2009-08-14 14:03:56 UTC
  • Revision ID: james.westby@ubuntu.com-20090814140356-zlbb81f658cv855b
Tags: 2.4.1-1ubuntu0.4
* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
  Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
  - debian/patches/21_CVE-2009-2730.diff: verify length of CN and SAN
    are what we expect and error out if either contains an embedded \0
  - CVE-2009-2730

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: