2 |
subject: Updated python3, bzr and some python packages fix security vulnerabilties |
subject: Updated python3, bzr and some python packages fix security vulnerabilties |
3 |
CVE: |
CVE: |
4 |
- CVE-2013-2099 |
- CVE-2013-2099 |
5 |
- CVE-2013-4328 |
- CVE-2013-4238 |
6 |
src: |
src: |
7 |
2: |
2: |
8 |
core: |
core: |
32 |
module doesn't handle NULL bytes inside subjectAltNames general names. This |
module doesn't handle NULL bytes inside subjectAltNames general names. This |
33 |
could lead to a breach when an application uses ssl.match_hostname() to match |
could lead to a breach when an application uses ssl.match_hostname() to match |
34 |
the hostname againt the certificate's subjectAltName's dNSName general names. |
the hostname againt the certificate's subjectAltName's dNSName general names. |
35 |
(CVE-2013-4328). |
(CVE-2013-4238). |
36 |
|
|
37 |
Additionally, a linking issue when compiling C extensions for Python 3 has been |
Additionally, a linking issue when compiling C extensions for Python 3 has been |
38 |
fixed in Mageia 3 (mga#9395). |
fixed in Mageia 3 (mga#9395). |