Message 254919 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Lukasa
Recipients	Lukasa
Date	2015-11-19.18:20:06
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1447957206.43.0.0576774321996.issue25672@psf.upfronthosting.co.za>
In-reply-to

Content
Oh, one further requirement: we should not set this mode for OpenSSL releases 1.x through 1.0.1g, which have a NULL pointer dereference vulnerability (CVE 2014-0198). Thanks to Marc-Andre Lemburg for spotting this. See also: https://www.rapid7.com/db/vulnerabilities/http-openssl-cve-2014-0198

Oh, one further requirement: we should *not* set this mode for OpenSSL releases 1.x through 1.0.1g, which have a NULL pointer dereference vulnerability (CVE 2014-0198). Thanks to Marc-Andre Lemburg for spotting this.

See also: https://www.rapid7.com/db/vulnerabilities/http-openssl-cve-2014-0198

History
Date	User	Action	Args
2015-11-19 18:20:06	Lukasa	set	recipients: + Lukasa
2015-11-19 18:20:06	Lukasa	set	messageid: <1447957206.43.0.0576774321996.issue25672@psf.upfronthosting.co.za>
2015-11-19 18:20:06	Lukasa	link	issue25672 messages
2015-11-19 18:20:06	Lukasa	create