Skip to main content

Browse the archive

Staging
v0.5.0
https://github.com/python/cpython
09 December 2020, 11:06:31 UTC
Revision 6c655ce34ae54adb8eef22b73108e22cc381cb8d authored by Victor Stinner on 25 February 2019, 21:28:36 UTC, committed by larryhastings on 25 February 2019, 21:28:36 UTC 
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (#11868)
 
Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.

Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas
Edet of Cisco.

Signed-off-by: Christian Heimes <christian@python.org>

(cherry picked from commit a37f52436f9aa4b9292878b72f3ff1480e2606c3)
1 parent d16eaf3
History
Tip revision: 6c655ce34ae54adb8eef22b73108e22cc381cb8d authored by Victor Stinner on 25 February 2019, 21:28:36 UTC
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (#11868)
Tip revision: 6c655ce
File Mode Size
.github
Doc
Grammar
Include
Lib
Mac
Misc
Modules
Objects
PC
PCbuild
Parser
Python
Tools
.bzrignore -rw-r--r-- 584 bytes
.gitignore -rw-r--r-- 1.1 KB
.hgeol -rw-r--r-- 996 bytes
.hgignore -rw-r--r-- 1.3 KB
.hgtags -rw-r--r-- 7.2 KB
.hgtouch -rw-r--r-- 1.2 KB
.travis.yml -rw-r--r-- 2.8 KB
LICENSE -rw-r--r-- 12.5 KB
Makefile.pre.in -rw-r--r-- 54.0 KB
README -rw-r--r-- 6.6 KB
aclocal.m4 -rw-r--r-- 8.3 KB
config.guess -rwxr-xr-x 41.9 KB
config.sub -rwxr-xr-x 34.9 KB
configure -rwxr-xr-x 440.4 KB
configure.ac -rw-r--r-- 138.8 KB
install-sh -rwxr-xr-x 7.0 KB
pyconfig.h.in -rw-r--r-- 40.2 KB
setup.py -rw-r--r-- 95.4 KB

README

back to top