Bug#541439: CVE-2009-2730: does not properly handle a '\0' character

Andreas Metzler ametzler at downhill.at.eu.org
Sat Aug 15 12:20:56 UTC 2009


On 2009-08-14 Giuseppe Iuculano <giuseppe at iuculano.it> wrote:
> Package: gnutls26
> Severity: serious
> Tags: security

> Hi,
> the following CVE (Common Vulnerabilities & Exposures) id was
> published for gnutls26.

> CVE-2009-2730[0]:
> | libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0'
> | character in a domain name in the subject's (1) Common Name (CN) or
> | (2) Subject Alternative Name (SAN) field of an X.509 certificate,
> | which allows man-in-the-middle attackers to spoof arbitrary SSL
> | servers via a crafted certificate issued by a legitimate Certification
> | Authority.

> If you fix the vulnerability please also make sure to include the
> CVE id in your changelog entry.

> Could you check if gnutls13 is affected please?

> For further information see:

> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2730
>     http://security-tracker.debian.net/tracker/CVE-2009-2730

> Cheers,
> Giuseppe.

Jamie Strandboge has generated patches for older versions of gnutls
and posted them in 
http://lists.gnu.org/archive/html/gnutls-devel/2009-08/msg00065.html

The patch for 2.4.x applies cleanly to the lenny release and seems to
fix the issue. None of these apply to the etch version, though.

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
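
The failure mode the CVE text describes, shown as an added example that is not GnuTLS code and not part of the original message: a name compared as a C string stops at the first '\0', while a length-aware check rejects the name. The struct, the function names and the example.com / example.net sample names are assumptions made for the illustration, and hostnames are assumed to be already lowercased.

```c
#include <stdio.h>
#include <string.h>

/* A certificate name as decoded from ASN.1: bytes plus an explicit length.
   The bytes may contain 0x00, so the length is authoritative. */
struct cert_name {
    const unsigned char *data;
    size_t len;
};

/* Flawed pattern: treats the name as a C string, so the comparison stops
   at the first '\0' and ignores everything after it. (It also relies on
   the buffer being terminated, which the sample literals below are.) */
int match_cstring(const struct cert_name *cn, const char *host)
{
    return strcmp((const char *)cn->data, host) == 0;
}

/* Length-aware check: refuse any name with an embedded NUL, then require
   the decoded length to equal the hostname length before comparing. */
int match_checked(const struct cert_name *cn, const char *host)
{
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                      /* embedded NUL: reject outright */
    if (cn->len != strlen(host))
        return 0;
    return memcmp(cn->data, host, cn->len) == 0;
}

/* Constructed sample names; the domains are placeholders. */
static const unsigned char NUL_NAME[]   = "www.example.com\0.example.net";
static const unsigned char PLAIN_NAME[] = "www.example.com";

int main(void)
{
    struct cert_name bad  = { NUL_NAME,   sizeof(NUL_NAME) - 1 };
    struct cert_name good = { PLAIN_NAME, sizeof(PLAIN_NAME) - 1 };
    const char *host = "www.example.com";

    printf("cstring, NUL name:   %d\n", match_cstring(&bad, host));
    printf("checked, NUL name:   %d\n", match_checked(&bad, host));
    printf("checked, plain name: %d\n", match_checked(&good, host));
    return 0;
}
```
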





More information about the Pkg-gnutls-maint mailing list