]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 326ec04) | patch
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
authorChristian Heimes <christian@cheimes.de>
Fri, 16 Aug 2013 22:54:47 +0000 (00:54 +0200)
committerChristian Heimes <christian@cheimes.de>
Fri, 16 Aug 2013 22:54:47 +0000 (00:54 +0200)
commit88b174c977f552ddcc5ff3078742a2922b236f83
treee2cf01841a6ce776e79bdccac2c97019a6e65dedtree | snapshot
parent326ec048bf082bf136ab3d6922fa3a89bc6d5892commit | diff
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).
Lib/test/nullbytecert.pem [new file with mode: 0644] blob
Lib/test/test_ssl.py diff | blob | history
Misc/NEWS diff | blob | history
Modules/_ssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.