OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2014-3508

The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i when pretty printing is used does not ensure the presence of 39039 characters which allows context-dependent attackers to obtain sensitive information from process stack memory by reading output from X509_name_oneline X509_name_print_ex and unspecified other functions.