-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2009-08-14 09:55:54 UTC
-
Revision ID:
james.westby@ubuntu.com-20090814095554-orwh9viigss9k3fj
Tags: 2.6.6-1ubuntu1
* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
- debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
are what we expect and error out if either contains an embedded \0
- CVE-2009-2730