[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Antoine Pitrou
report at bugs.python.org
Fri May 17 15:13:30 CEST 2013
Antoine Pitrou added the comment:
Attached patch forbidding more than one wildcard per fragment.
----------
stage: needs patch -> patch review
Added file: http://bugs.python.org/file30292/ssl_wildcard_dos2.patch
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
More information about the Python-bugs-list
mailing list