package: openssl version: 0.9.8 severity: important tags: security it has been disclosed that ssl applications can be tricked via inauthentic certificates containing null characters [0]. i have not personally checked whether openssl is affected by this, but since this is newly disclosed, it is very likely the case. please check and fix if need be. thanks.
-- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
