Message196823
So, is this a security issue? I've been wondering if I should apply the attached patch to the backports-ssl_match_hostname module on pypi. I was hoping there'd be some information here as to whether this will be going into the stdlib in the future.
Thus far, ssl_match_hostname has just been a backport of the match_hostname function but if this is a security problem, I could press for us to diverge from the python3 stdlib. It would be easier to make the case if this is seen as a critical problem that will need to be fixed even if the current patch might not be the eventual fix. |
|
Date |
User |
Action |
Args |
2013-09-03 03:59:24 | a.badger | set | recipients:
+ a.badger, loewis, barry, pitrou, christian.heimes, Arfrever, Ben.Darnell, t-8ch |
2013-09-03 03:59:24 | a.badger | set | messageid: <1378180764.48.0.487437798903.issue17997@psf.upfronthosting.co.za> |
2013-09-03 03:59:24 | a.badger | link | issue17997 messages |
2013-09-03 03:59:23 | a.badger | create | |
|