Comment 1 for bug 413136

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gnutls26 - 2.6.6-1ubuntu1

---------------
gnutls26 (2.6.6-1ubuntu1) karmic; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden> Fri, 14 Aug 2009 09:55:54 -0500