From: Antoine Pitrou <solipsis@pitrou.net>
Date: Sat, 18 May 2013 15:59:12 +0000 (+0200)
Subject: Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using... 
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=31fb419908c63419b4f725e1ad457a9fd0eee526;p=python

Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
---

31fb419908c63419b4f725e1ad457a9fd0eee526
diff --cc Misc/NEWS
index 68902e5c1f,1a516b7739..2bc763f99a
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@@ -94,21 -87,6 +94,24 @@@ Core and Builtin
  Library
  -------
  
++- Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of
++  service using certificates with many wildcards (CVE-2013-2099).
++
 +- Issue #15758: Fix FileIO.readall() so it no longer has O(n**2) complexity.
 +
 +- Issue #14596: The struct.Struct() objects now use more compact implementation.
 +
 +- Issue #17981: Closed socket on error in SysLogHandler.
 +
 +- Issue #17964: Fix os.sysconf(): the return type of the C sysconf() function
 +  is long, not int.
 +
 +- Fix typos in the multiprocessing module.
 +
 +- Issue #17754: Make ctypes.util.find_library() independent of the locale.
 +
 +- Issue #17968: Fix memory leak in os.listxattr().
 +
  - Issue #17606: Fixed support of encoded byte strings in the XMLGenerator
    characters() and ignorableWhitespace() methods.  Original patch by Sebastian
    Ortiz Vasquez.