This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients barry, benjamin.peterson, loewis, pitrou
Date 2012-01-27.08:25:52
SpamBayes Score 0.03856435
Marked as misclassified No
Message-id <1327652753.95.0.174471030951.issue13885@psf.upfronthosting.co.za>
In-reply-to
Content
Original e-mail from Apple security team:

> Follow-up:  187806281
> 
> SSL 3.0 and TLS 1.0 are vulnerable to an attack described at
> 
> http://www.openssl.org/~bodo/tls-cbc.txt
> 
> OpenSSL includes a countermeasure which prevents the attack, but python
> 2.7 has, around line 372 of Modules/_ssl.c:
> 
> SSL_CTX_set_options(self->ctx, SSL_OP_ALL);
> 
> SSL_OP_ALL includes SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS which disables the 
> countermeasure.
> 
> 2.6 is similar.
History
Date User Action Args
2012-01-27 08:25:54pitrousetrecipients: + pitrou, loewis, barry, benjamin.peterson
2012-01-27 08:25:53pitrousetmessageid: <1327652753.95.0.174471030951.issue13885@psf.upfronthosting.co.za>
2012-01-27 08:25:53pitroulinkissue13885 messages
2012-01-27 08:25:52pitroucreate