Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / 2dd885eaa0d427e84892673c83d697bca5427c8b
commit2dd885eaa0d427e84892673c83d697bca5427c8b[log] [tgz]
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>Sun Mar 25 04:28:20 2018 -0700
committerChristian Heimes <christian@python.org>Sun Mar 25 13:28:20 2018 +0200
tree94b922fbc13526a685da0a443e69b9a00c249a1e
parentc6d94c37f4fd863c73fbfbcc918fd23b458b5301 [diff]
[3.7] bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) (GH-6230)

Harden ssl module against LibreSSL CVE-2018-8970.
X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test
ensures that NULL bytes are not allowed.

Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit d02ac25ab0879f1a6de6937573bf00a16b7bd22e)

Co-authored-by: Christian Heimes <christian@python.org>
3 files changed
tree: 94b922fbc13526a685da0a443e69b9a00c249a1e
  1. .github/
  2. Doc/
  3. Grammar/
  4. Include/
  5. Lib/
  6. m4/
  7. Mac/
  8. Misc/
  9. Modules/
  10. Objects/
  11. Parser/
  12. PC/
  13. PCbuild/
  14. Programs/
  15. Python/
  16. Tools/
  17. .gitattributes
  18. .gitignore
  19. .travis.yml
  20. aclocal.m4
  21. config.guess
  22. config.sub
  23. configure
  24. configure.ac
  25. install-sh
  26. LICENSE
  27. Makefile.pre.in
  28. pyconfig.h.in
  29. README.rst
  30. setup.py