[issue13898] Ignored exception in test_ssl
Antoine Pitrou
report at bugs.python.org
Sat Jan 28 19:55:11 CET 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
The changelog between 1.0.0d and 1.0.0e doesn't seem to list anything which could affect this test:
*) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
by initialising X509_STORE_CTX properly. (CVE-2011-3207)
[Kaspar Brand <ossl at velox.ch>]
*) Fix SSL memory handling for (EC)DH ciphersuites, in particular
for multi-threaded use of ECDH. (CVE-2011-3210)
[Adam Langley (Google)]
*) Fix x509_name_ex_d2i memory leak on bad inputs.
[Bodo Moeller]
*) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
signature public key algorithm by using OID xref utilities instead.
Before this you could only use some ECC ciphersuites with SHA1 only.
[Steve Henson]
*) Add protection against ECDSA timing attacks as mentioned in the paper
by Billy Bob Brumley and Nicola Tuveri, see:
http://eprint.iacr.org/2011/232.pdf
(from http://www.openssl.org/news/changelog.html)
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13898>
_______________________________________
More information about the Python-bugs-list
mailing list