commit | d02ac25ab0879f1a6de6937573bf00a16b7bd22e | [log] [tgz] |
---|---|---|
author | Christian Heimes <christian@python.org> | Sun Mar 25 12:36:13 2018 +0200 |
committer | GitHub <noreply@github.com> | Sun Mar 25 12:36:13 2018 +0200 |
tree | a0843a85918e73dc71d7279eac60382928c95de7 | |
parent | e4ce9fa89cb542dced553710b05de85202bc4715 [diff] |
bpo-33136: Harden ssl module against CVE-2018-8970 (GH-6229) Harden ssl module against LibreSSL CVE-2018-8970. X509_VERIFY_PARAM_set1_host() is called with an explicit namelen. A new test ensures that NULL bytes are not allowed. Signed-off-by: Christian Heimes <christian@python.org>