Parent Directory | Revision Log
MGASA-2013-0277
1 | type: security |
2 | subject: Updated python-OpenSSL package fixes security vulnerability |
3 | CVE: |
4 | - CVE-2013-4314 |
5 | src: |
6 | 2: |
7 | core: |
8 | - python-OpenSSL-0.12-1.1.mga2 |
9 | 3: |
10 | core: |
11 | - python-OpenSSL-0.13-2.1.mga3 |
12 | description: | |
13 | The string formatting of subjectAltName X509Extension instances in |
14 | pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when |
15 | encountering a null byte, possibly allowing man-in-the-middle attacks |
16 | through certificate spoofing (CVE-2013-4314). |
17 | references: |
18 | - https://bugs.mageia.org/show_bug.cgi?id=11206 |
19 | - https://mail.python.org/pipermail/pyopenssl-users/2013-September/000478.html |
20 | - https://bugzilla.redhat.com/show_bug.cgi?id=1005325 |
21 | ID: MGASA-2013-0277 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |