]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 29c3fc5) | patch
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
authorChristian Heimes <christian@cheimes.de>
Fri, 16 Aug 2013 22:54:47 +0000 (00:54 +0200)
committerChristian Heimes <christian@cheimes.de>
Fri, 16 Aug 2013 22:54:47 +0000 (00:54 +0200)
commit824f7f366d1b54d2d3100c3130c04cf1dfb4b47c
tree7ad3483f5c37f77f2d0aa79772c0d07e2c5394ddtree | snapshot
parent29c3fc5d8f9e14e10783ab0ecc1bd15e1144cd07commit | diff
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).
Lib/test/nullbytecert.pem [new file with mode: 0644] blob
Lib/test/test_ssl.py diff | blob | history
Misc/NEWS diff | blob | history
Modules/_ssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.