Mandriva Linux Security Advisory 2015-127 - Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
c2afdf6df232dfa0f1e7f2d6a4b68eb64ea16f42e60c5be7a833ec29608114c8