package: openssl version: 0.9.8 severity: important tags: security it has been disclosed that ssl applications can be tricked via inauthentic certificates containing null characters [0]. i have not personally checked whether openssl is affected by this, but since this is newly disclosed, it is very likely the case. please check and fix if need be. thanks.
-- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
