[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Roundup Robot
report at bugs.python.org
Sat May 18 17:59:23 CEST 2013
Roundup Robot added the comment:
New changeset b9b521efeba3 by Antoine Pitrou in branch '3.2':
Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
http://hg.python.org/cpython/rev/b9b521efeba3
New changeset c627638753e2 by Antoine Pitrou in branch '3.3':
Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
http://hg.python.org/cpython/rev/c627638753e2
New changeset fafd33db6ff6 by Antoine Pitrou in branch 'default':
Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
http://hg.python.org/cpython/rev/fafd33db6ff6
----------
nosy: +python-dev
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
More information about the Python-bugs-list
mailing list