diff options
| author | Łukasz Langa <lukasz@langa.pl> | 2023-08-22 17:53:23 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-08-22 17:53:23 (GMT) |
| commit | 37d7180cb647f0bed0c1caab0037f3bc82e2af96 (patch) | |
| tree | 61b05adc4b73ad4a51ccf1945d4cbb685ec3fbdb /Lib/idlelib/sidebar.py | |
| parent | 7d445511f8b6eb32cbb295e87302e28ffec67454 (diff) | |
| download | cpython-37d7180cb647f0bed0c1caab0037f3bc82e2af96.zip cpython-37d7180cb647f0bed0c1caab0037f3bc82e2af96.tar.gz cpython-37d7180cb647f0bed0c1caab0037f3bc82e2af96.tar.bz2 | |
[3.10] gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw (#108318)
gh-108310: Fix CVE-2023-40217: Check for & avoid the ssl pre-close flaw
Instances of `ssl.SSLSocket` were vulnerable to a bypass of the TLS handshake
and included protections (like certificate verification) and treating sent
unencrypted data as if it were post-handshake TLS encrypted data.
The vulnerability is caused when a socket is connected, data is sent by the
malicious peer and stored in a buffer, and then the malicious peer closes the
socket within a small timing window before the other peers’ TLS handshake can
begin. After this sequence of events the closed socket will not immediately
attempt a TLS handshake due to not being connected but will also allow the
buffered data to be read as if a successful TLS handshake had occurred.
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
Diffstat (limited to 'Lib/idlelib/sidebar.py')
0 files changed, 0 insertions, 0 deletions