]> granicus.if.org Git - python/commit
projects / python / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e4ce9fa) | patch
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)
authorChristian Heimes <christian@python.org>
Sun, 25 Mar 2018 10:36:13 +0000 (12:36 +0200)
committerGitHub <noreply@github.com>
Sun, 25 Mar 2018 10:36:13 +0000 (12:36 +0200)
commitd02ac25ab0879f1a6de6937573bf00a16b7bd22e
treea0843a85918e73dc71d7279eac60382928c95de7tree | snapshot
parente4ce9fa89cb542dced553710b05de85202bc4715commit | diff
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229)

Harden ssl module against LibreSSL CVE-2018-8970.
X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test
ensures that NULL bytes are not allowed.

Signed-off-by: Christian Heimes <christian@python.org>
Lib/test/test_ssl.py diff | blob | history
Misc/NEWS.d/next/Security/2018-03-25-12-05-43.bpo-33136.TzSN4x.rst [new file with mode: 0644] blob
Modules/_ssl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.