Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9212

ssl-validate-cert incorrect hostname check

Details

    Description

      ssl_verify_server_cert() function parses the output of X509_NAME_oneline() to get the value of the /CN=... field. But if this string — "/CN=" — is present as a part of the value of some other field that might cause the output to be parsed incorrectly. See https://wiki.openssl.org/index.php/Hostname_validation for examples of correct hostname validation.

      Attachments

        Issue Links

          links to

          Web Link CVE-2016-2047

          Activity

            Ascending order - Click to sort in descending order
            serg Sergei Golubchik created issue -
            serg Sergei Golubchik made changes -
            Field Original Value New Value
            Labels upstream
            serg Sergei Golubchik made changes -
            serg Sergei Golubchik made changes -
            serg Sergei Golubchik made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            serg Sergei Golubchik made changes -
            Assignee Sergei Golubchik [ serg ]
            serg Sergei Golubchik made changes -
            Fix Version/s 5.5.47 [ 20300 ]
            Fix Version/s 10.0.23 [ 20401 ]
            Fix Version/s 10.1.10 [ 20402 ]
            Fix Version/s 5.5 [ 15800 ]
            Fix Version/s 10.0 [ 16000 ]
            Fix Version/s 10.1 [ 16100 ]
            Resolution Fixed [ 1 ]
            Status In Progress [ 3 ] Closed [ 6 ]
            serg Sergei Golubchik made changes -
            serg Sergei Golubchik made changes -
            Workflow MariaDB v3 [ 72809 ] MariaDB v4 [ 149876 ]

            People

              serg Sergei Golubchik
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.