An issue in s2n-tls results in skipping a certificate’s Common Name field validation if it exceeds 255 bytes. As a result, s2n-tls incorrectly validates a certificate that has a Common Name (CN) larger than 255 bytes, doesn’t have a Subject Alternative Name (SAN), and is signed by a trusted Certificate Authority (CA).
No AWS services are affected by this issue and customers of AWS services do not need to take action. Client applications using s2n-tls should upgrade their application to the most recent release of s2n-tls.
Impacted versions: All versions of s2n-tls from commit e954e6e through commit 4bd1505. Affected s2n-tls users should fetch s2n-tls commit a58b308 or later.
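
A minimal model of the failure mode described above, as an added example that is not s2n-tls source code: a CN-only name check that skips names over 255 bytes and fails open, beside a version that fails closed. The function names, the `CN_MAX` constant, the exact-match comparison and the 300-byte sample CN are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CN_MAX 255 /* size limit named in the advisory */

/* Hypothetical exact-match comparison; real matching also handles wildcards. */
static int name_equals(const char *cn, size_t cn_len, const char *host)
{
    return strlen(host) == cn_len && memcmp(cn, host, cn_len) == 0;
}

/* Both checks model the CN-only path (certificate has no SAN). 1 = accept. */

/* Fail-open: an oversized CN skips the comparison and keeps the default. */
int check_cn_fail_open(const char *cn, size_t cn_len, const char *host)
{
    int verified = 1; /* optimistic default is the flaw */
    if (cn_len <= CN_MAX) {
        verified = name_equals(cn, cn_len, host);
    }
    return verified;
}

/* Fail-closed: a name that cannot be checked is a verification failure. */
int check_cn_fail_closed(const char *cn, size_t cn_len, const char *host)
{
    if (cn == NULL || cn_len == 0 || cn_len > CN_MAX) {
        return 0;
    }
    return name_equals(cn, cn_len, host);
}

int main(void)
{
    char long_cn[300]; /* constructed sample: 300-byte CN, not a real cert */
    memset(long_cn, 'a', sizeof(long_cn));
    printf("fail-open accepts oversized CN:   %d\n",
           check_cn_fail_open(long_cn, sizeof(long_cn), "example.com"));
    printf("fail-closed accepts oversized CN: %d\n",
           check_cn_fail_closed(long_cn, sizeof(long_cn), "example.com"));
    return 0;
}
```

Both functions agree on every name of 255 bytes or fewer; they differ only on the oversized input, which is why a test suite built from ordinary host names does not surface this class of defect.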