Comment 2 for bug 515996

Kees Cook (kees) wrote :

I need to revoke this approval -- libesmtp is vulnerable to a variation of CVE-2009-2408, in that it does not correctly handle NULL-bytes in the commonName of certificates when comparing domain names. (See smtp-tls.c)