Red Hat Security Advisory 2014-1098-01 - HttpClient is an HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. This issue was discovered by Florian Weimer of Red Hat Product Security.
7df65a02bbc1bc5f61cae3e68e09fedb553701534ae4f7610be73e42d295d8b9