]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f880e5d) | patch
- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
authorBarry Warsaw <barry@python.org>
Fri, 23 Aug 2013 17:26:49 +0000 (13:26 -0400)
committerBarry Warsaw <barry@python.org>
Fri, 23 Aug 2013 17:26:49 +0000 (13:26 -0400)
commit82f88283171933127f20f866a7f98694b29cca56
tree85f872fa42b336a9f739035e25007978d777f9batree | snapshot
parentf880e5d5eaef3233fb1cd2f747c8f0ba59c7f086commit | diff
- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
  inside subjectAltName correctly. Formerly the module has used OpenSSL's
  GENERAL_NAME_print() function to get the string represention of ASN.1
  strings for `rfc822Name` (email), `dNSName` (DNS) and
  `uniformResourceIdentifier` (URI).
Lib/test/keycert.pem diff | blob | history
Lib/test/nullbytecert.pem [new file with mode: 0644] blob
Lib/test/test_ssl.py diff | blob | history
Misc/NEWS diff | blob | history
Modules/_ssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.