- Sven Anders reported that we introduced a cert verfication flaw for OpenSSL-

powered libcurl in 7.19.6. If there was a X509v3 Subject Alternative Name field in the certficate it had to match and so even if non-DNS and non-IP entry was present it caused the verification to fail.
author: Daniel Stenberg <daniel@haxx.se> 2009-09-16 20:44:18 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2009-09-16 20:44:18 +0000
commit: 250ba9949894571052888cd2065defbb3e00b183 (patch)
tree: bd368d9b53bf8d43cbee54515f097b76a16843e2 /RELEASE-NOTES
parent: c2c3a46e3e69afb6f34410b89919b2e5c18ce1c4 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 7136fd55c..6077ef25f 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -28,6 +28,7 @@ This release includes the following bugfixes:
  o configure uses pkg-config for cross-compiles as well
  o improved NSS detection in configure
  o cookie expiry date at 1970-jan-1 00:00:00
+ o libcurl-OpenSSL failed to verify some certs with Subject Alternative Name
 
 This release includes the following known bugs:
 
@@ -38,6 +39,6 @@ advice from friends like these:
 
  Karl Moerder, Kamil Dudka, Krister Johansen, Andre Guibert de Bruet,
  Michal Marek, Eric Wong, Guenter Knauf, Peter Sylvester, Daniel Johnson,
- Claes Jakobsson
+ Claes Jakobsson, Sven Anders
 
         Thanks! (and sorry if I forgot to mention someone)
author	Daniel Stenberg <daniel@haxx.se>	2009-09-16 20:44:18 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2009-09-16 20:44:18 +0000
commit	250ba9949894571052888cd2065defbb3e00b183 (patch)
tree	bd368d9b53bf8d43cbee54515f097b76a16843e2 /RELEASE-NOTES
parent	c2c3a46e3e69afb6f34410b89919b2e5c18ce1c4 (diff)