From ${URL} : The pyOpenSSL module implements hostname identity checks but it did not properly handle hostnames in the certificate that contain null bytes. In all releases prior to 0.13.1, the string formatting of subjectAltName X509Extension instances incorrectly truncated fields of the name when encountering the null byte. When a CA that an SSL client trusts issues a server certificate that has a null byte in the subjectAltName, remote attackers can obtain a certificate for 'www.foo.org\0.example.com' from the CA to spoof 'www.foo.org' and conduct man-in-the-middle attacks between the pyOpenSSL-using client and SSL servers. [1] https://mail.python.org/pipermail/pyopenssl-users/2013-September/000478.html @maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
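The mechanism described in the report above, as an added illustration that is not part of the bug thread and not pyOpenSSL's own code: a dNSName in the subjectAltName is DER-encoded with an explicit length, so a NUL byte is a legal part of the value, but code that renders the name through C-string handling stops at the first NUL and sees only 'www.foo.org'. The DER bytes, the helper names (der_encode_san, vulnerable_dnsnames, safe_dnsnames, hostname_matches) and the sample names are all constructed for this example; the minimal encoder/decoder only supports short-form lengths, which is enough for the names used here.

```python
# Added example (not from the bug thread, not pyOpenSSL code). Shows why a
# NUL byte inside a subjectAltName dNSName defeats a C-string style hostname
# check, and what a length-aware check that rejects embedded NULs does instead.
# All DER bytes and names below are constructed for illustration.

def der_encode_san(dns_names):
    """Encode a SubjectAltName value: SEQUENCE of dNSName ([2] IMPLICIT IA5String,
    context tag 0x82). Only short-form DER lengths (< 128) are handled."""
    body = b""
    for name in dns_names:
        assert len(name) < 128, "example supports short-form lengths only"
        body += b"\x82" + bytes([len(name)]) + name
    assert len(body) < 128, "example supports short-form lengths only"
    return b"\x30" + bytes([len(body)]) + body


def der_decode_san(der):
    """Return the raw dNSName byte strings, honouring the DER length prefix
    (so an embedded NUL is carried through intact)."""
    if not der or der[0] != 0x30:
        raise ValueError("expected SEQUENCE")
    seq_len = der[1]
    if seq_len & 0x80:
        raise ValueError("long-form length not supported in this example")
    pos, end = 2, 2 + seq_len
    if end != len(der):
        raise ValueError("trailing data after SEQUENCE")
    names = []
    while pos < end:
        tag, length = der[pos], der[pos + 1]
        if length & 0x80:
            raise ValueError("long-form length not supported in this example")
        value = der[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated element")
        if tag == 0x82:          # dNSName; other GeneralName types are skipped
            names.append(value)
        pos += 2 + length
    return names


def vulnerable_dnsnames(der):
    """Mimic the pre-0.13.1 behaviour: each name is effectively read as a
    NUL-terminated C string, so everything after the first NUL is dropped."""
    return [n.split(b"\x00", 1)[0].decode("ascii") for n in der_decode_san(der)]


def safe_dnsnames(der):
    """Length-aware extraction that refuses any dNSName containing a NUL,
    since no legitimate DNS name can contain one."""
    names = []
    for n in der_decode_san(der):
        if b"\x00" in n:
            raise ValueError("embedded NUL in dNSName: %r" % n)
        names.append(n.decode("ascii"))
    return names


def hostname_matches(hostname, names):
    """Exact match or a single leftmost wildcard label (*.example.com)."""
    hostname = hostname.lower().rstrip(".")
    for n in names:
        n = n.lower().rstrip(".")
        if n == hostname:
            return True
        if n.startswith("*.") and "." in hostname:
            if hostname.split(".", 1)[1] == n[2:]:
                return True
    return False


# Constructed sample SAN values: the attacker's spoofing name from the report,
# and an honest one for comparison.
SPOOF_SAN = der_encode_san([b"www.foo.org\x00.example.com"])
HONEST_SAN = der_encode_san([b"www.example.com", b"*.example.com"])


def demo():
    """Returns (vulnerable_accepts_spoof, safe_accepts_spoof)."""
    vuln_ok = hostname_matches("www.foo.org", vulnerable_dnsnames(SPOOF_SAN))
    try:
        safe_ok = hostname_matches("www.foo.org", safe_dnsnames(SPOOF_SAN))
    except ValueError:
        safe_ok = False
    return vuln_ok, safe_ok


if __name__ == "__main__":
    print("vulnerable check accepts www.foo.org:", demo()[0])
    print("hardened check accepts www.foo.org:  ", demo()[1])
```

The hardened path does two things the vulnerable one does not: it keeps the DER length as the authority on where the name ends, and it treats an embedded NUL as a hard failure rather than something to tolerate, which is the same policy the fix in 0.13.1 needs to enforce whatever API it uses to read the extension.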
CVE-2013-4314 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4314): The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
Upstream patch at http://bazaar.launchpad.net/~exarkun/pyopenssl/trunk/revision/169?start_revid=169
Arches, please stabilize.
amd64 stable
x86 stable
Arch teams, please test and mark stable: =dev-python/pyopenssl-0.13.1 Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Stable for HPPA.
ia64 stable
alpha stable
ppc stable
arm stable
ppc64 stable
sparc stable
GLSA vote: no
GLSA vote: no. Closing noglsa.