commit | 82f88283171933127f20f866a7f98694b29cca56 | [log] [tgz] |
---|---|---|
author | Barry Warsaw <barry@python.org> | Fri Aug 23 13:26:49 2013 -0400 |
committer | Barry Warsaw <barry@python.org> | Fri Aug 23 13:26:49 2013 -0400 |
tree | 85f872fa42b336a9f739035e25007978d777f9ba | |
parent | f880e5d5eaef3233fb1cd2f747c8f0ba59c7f086 [diff] |
- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes inside subjectAltName correctly. Formerly the module has used OpenSSL's GENERAL_NAME_print() function to get the string represention of ASN.1 strings for `rfc822Name` (email), `dNSName` (DNS) and `uniformResourceIdentifier` (URI).