granicus.if.org Git - python/commit

]> granicus.if.org Git - python/commit

author	Christian Heimes <christian@cheimes.de>
	Fri, 16 Aug 2013 22:58:00 +0000 (00:58 +0200)
committer	Christian Heimes <christian@cheimes.de>
	Fri, 16 Aug 2013 22:58:00 +0000 (00:58 +0200)
commit	e06d47c70cbef8ae77efe0e64cde3e682b66cb05
tree	0ef0b5989302c49cc67e9f729d6cc26f97f260ce	tree \| snapshot
parent	01a513b5d3d94c281f8b0eb8916af51ccddf8534	commit \| diff
parent	a3811e4b8f70790a3dc8768a455cb8836670de37	commit \| diff

Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module has used OpenSSL's
GENERAL_NAME_print() function to get the string represention of ASN.1
strings for rfc822Name (email), dNSName (DNS) and
uniformResourceIdentifier (URI).

Lib/test/test_ssl.py	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	diff1 \|	diff2 \|	blob \| history
Modules/_ssl.c	diff1 \|	diff2 \|	blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

Lib/test/test_ssl.py	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	diff1 \|	diff2 \|	blob \| history
Modules/_ssl.c	diff1 \|	diff2 \|	blob \| history