/[advisories]/10391.adv
ViewVC logotype

Diff of /10391.adv

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 361 by tmb, Thu Aug 22 17:58:11 2013 UTC revision 374 by davidwhodgins, Mon Aug 26 19:14:32 2013 UTC
# Line 2  type: security Line 2  type: security
2  subject: Updated python3, bzr and some python packages fix security vulnerabilties  subject: Updated python3, bzr and some python packages fix security vulnerabilties
3  CVE:  CVE:
4   - CVE-2013-2099   - CVE-2013-2099
5   - CVE-2013-4328   - CVE-2013-4238
6  src:  src:
7    2:    2:
8     core:     core:
# Line 32  description: | Line 32  description: |
32    module doesn't handle NULL bytes inside subjectAltNames general names. This    module doesn't handle NULL bytes inside subjectAltNames general names. This
33    could lead to a breach when an application uses ssl.match_hostname() to match    could lead to a breach when an application uses ssl.match_hostname() to match
34    the hostname againt the certificate's subjectAltName's dNSName general names.    the hostname againt the certificate's subjectAltName's dNSName general names.
35    (CVE-2013-4328).    (CVE-2013-4238).
36    
37    Additionally, a linking issue when compiling C extensions for Python 3 has been    Additionally, a linking issue when compiling C extensions for Python 3 has been
38    fixed in Mageia 3 (mga#9395).    fixed in Mageia 3 (mga#9395).

Legend:
Removed from v.361  
changed lines
  Added in v.374

  ViewVC Help
Powered by ViewVC 1.1.28