David Benjamin discovered a flaw in the GENERAL_NAME_cmp function which could cause a NULL dereference, resulting in denial of service. Additional details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20201208.txt