Slackware-10.2 ChangeLog (2009-08-14)

Fri Aug 14 13:42:26 CDT 2009

This update fixes a security issue where a zero byte embedded in an SSL
or TLS certificate could fool cURL into validating the security of a
connection to a system that the certificate was not issued for. It has
been reported that at least one Certificate Authority allowed such
certificates to be issued.
For more information, see:
(* Security fix *)
  • news/2009/08/14/slackware-10.2-changelog.txt
  • Last modified: 11 months ago
  • by Giuseppe Di Terlizzi