[pkg-fetchmail-maint] NUL CommonName bug

not disclosed n0td1scl0s3d at hotmail.com
Sun Nov 22 09:30:03 UTC 2009


fetchmail-CVE-2009-2666.patch

In my configuration I do not have the local certs for SSL, so I get a lot of these warnings:

fetchmail: awakened at Sun 22 Nov 2009 09:24:37 GMT
fetchmail: Server certificate verification error: unable to get local issuer certificate
fetchmail: Server certificate verification error: certificate not trusted
fetchmail: sleeping at Sun 22 Nov 2009 09:24:37 GMT for 15 seconds

Since the NUL / CommonName patch was applied I get this:

fetchmail: awakened at Sat 21 Nov 2009 23:52:05 GMT
fetchmail: Server certificate verification error: unable to get local issuer certificate
fetchmail: Server certificate verification error: certificate not trusted
fetchmail: Bad certificate: Subject CommonName contains NUL, aborting!
11002:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:951:
fetchmail: SSL connection failed.
fetchmail: socket error while fetching from XXX at YYY.ZZZ
fetchmail: Query status=2 (SOCKET)
fetchmail: sleeping at Sat 21 Nov 2009 23:52:05 GMT for 15 seconds

This is probably a bug, since nothing has changed server side; in any event, it made it impossible to access my email.
My quick solution was to comment out the offending part of the patch and rebuild, which makes it work again.

I am using fetchmail-6.3.8-134.2 from openSUSE, which has the fetchmail-CVE-2009-2666.patch applied to it, containing this code.

Cheers,


SA
 		 	   		  

