Fedora 11 Security Update: neon-0.28.6-1.fc11

Article Source Fedora 11 Security Updates
August 20, 2009, 1:34 pm

This update includes the latest release of neon, version 0.28.6. This fixes two security issues:

* the “billion laughs” attack against expat could allow a Denial of Service attack by a malicious server. (CVE-2009-2473)

* an embedded NUL byte in a certificate subject name could allow an undetected MITM attack against an SSL server if a trusted CA issues such a cert…

Read More