Ubuntu Security Notice 2315-1 - Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
4bdcba1f94fef85007b55290e9cc8ceb6ab7a331befa81d3031e5fabd3a1fc31