[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Christian Heimes
report at bugs.python.org
Thu May 16 13:15:56 CEST 2013
Christian Heimes added the comment:
RFC 2818 doesn't say anything about the maximum amount of wildcards. I'm going to check OpenSSL's implementation now.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
More information about the Python-bugs-list
mailing list