CVE-2011-3207

Priority
Description
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize
certain structure members, which makes it easier for remote attackers to
bypass CRL validation by using a nextUpdate value corresponding to a time
in the past.
Assigned-to
sbeattie
Notes
jdstrandfrom upstream, 1.0.0 only
Package
Upstream:released (1.0.0e)
Patches:
Upstream:http://cvs.openssl.org/chngview?cn=21358
More Information

Updated: 2020-01-29 19:42:14 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)