author Christian Heimes <christian@cheimes.de> 2013-08-16 22:58:00 (GMT)
committer Christian Heimes <christian@cheimes.de> 2013-08-16 22:58:00 (GMT)
commit e06d47c70cbef8ae77efe0e64cde3e682b66cb05
tree 0ef0b5989302c49cc67e9f729d6cc26f97f260ce /Misc
parent 01a513b5d3d94c281f8b0eb8916af51ccddf8534
parent a3811e4b8f70790a3dc8768a455cb8836670de37
Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
inside subjectAltName correctly. Formerly the module used OpenSSL's GENERAL_NAME_print() function to get the string representation of ASN.1 strings for rfc822Name (email), dNSName (DNS) and uniformResourceIdentifier (URI).
Diffstat (limited to 'Misc')
-rw-r--r-- Misc/NEWS 6
1 files changed, 6 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 1c532f6..b38677e 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -28,6 +28,12 @@ Core and Builtins
Library
-------
+- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
+ inside subjectAltName correctly. Formerly the module has used OpenSSL's
+ GENERAL_NAME_print() function to get the string represention of ASN.1
+ strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and
+ ``uniformResourceIdentifier`` (URI).
+
- Issue #18701: Remove support of old CPython versions (<3.0) from C code.
- Issue #18756: Improve error reporting in os.urandom() when the failure
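Review bot: The new Issue #18709 entry stops after describing the old implementation ("Formerly the module has used OpenSSL's GENERAL_NAME_print() function ...") and never says what was wrong with that approach or what the module does instead, so a reader of NEWS cannot tell how the values returned for ``rfc822Name``, ``dNSName`` and ``uniformResourceIdentifier`` change. Add one sentence stating the new behaviour for those three name types, since callers that compare these strings need to know what they now receive. Two wording points in the same entry: "represention" should be "representation", and "has used" reads better as "used". It may also be worth writing "NUL bytes" rather than "NULL bytes", since the entry is about the zero byte inside a string and not a null pointer.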