Author christian.heimes
Recipients christian.heimes
Date 2017-05-29.07:19:13
Message-id <1496042353.91.0.558550525758.issue30502@psf.upfronthosting.co.za>
Content
Fraser Tweedale from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory.

https://github.com/pyca/cryptography/pull/3612/
https://bugzilla.redhat.com/show_bug.cgi?id=1455755

CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, either. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway.
History
Date                 User              Action  Args
2017-05-29 07:19:13  christian.heimes  set     recipients: + christian.heimes
2017-05-29 07:19:13  christian.heimes  set     messageid: <1496042353.91.0.558550525758.issue30502@psf.upfronthosting.co.za>
2017-05-29 07:19:13  christian.heimes  link    issue30502 messages
2017-05-29 07:19:13  christian.heimes  create
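
The buffer-handling pattern the message refers to, as an added example (not code from CPython, PyCA cryptography or OpenSSL). `oid_to_txt()` is a hypothetical stand-in that follows OBJ_obj2txt()'s documented return behaviour (truncate to the buffer, return the space the full text needs); `FIXED_BUF` and the sample OID are constructed for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIXED_BUF 32 /* deliberately small for the demo; not a value from either project */
/* Constructed sample OID with many multi-digit arcs (79 characters as text). */
static const unsigned long SAMPLE_OID[] = {1, 3, 6, 1, 4, 1, 311, 21, 8, 1234567,
    2345678, 3456789, 4567890, 567890, 123, 6789012, 7890123};
#define SAMPLE_LEN (sizeof(SAMPLE_OID) / sizeof(SAMPLE_OID[0]))

/* Hypothetical stand-in with the OBJ_obj2txt() return contract: writes at most
 * buflen-1 characters plus NUL and returns the length the full text needs. */
static int oid_to_txt(char *buf, int buflen, const unsigned long *arcs, size_t n)
{
    int total = 0;
    if (buflen > 0) buf[0] = '\0';
    for (size_t i = 0; i < n; i++) {
        size_t room = total < buflen ? (size_t)(buflen - total) : 0;
        total += snprintf(room ? buf + total : NULL, room, i ? ".%lu" : "%lu", arcs[i]);
    }
    return total;
}

/* Fixed-buffer caller: ignores the return value, so a long OID is silently cut. */
static char *oid_text_naive(const unsigned long *arcs, size_t n)
{
    char *buf = malloc(FIXED_BUF);
    if (buf) oid_to_txt(buf, FIXED_BUF, arcs, n);
    return buf;
}

/* Checked caller: grows to the reported size when the text did not fit; caller frees. */
static char *oid_text_checked(const unsigned long *arcs, size_t n)
{
    char fixed[FIXED_BUF];
    int need = oid_to_txt(fixed, (int)sizeof(fixed), arcs, n);
    char *out = malloc((size_t)need + 1);
    if (!out) return NULL;
    if (need < (int)sizeof(fixed)) memcpy(out, fixed, (size_t)need + 1);
    else oid_to_txt(out, need + 1, arcs, n);
    return out;
}

int main(void)
{
    char *cut = oid_text_naive(SAMPLE_OID, SAMPLE_LEN);
    char *full = oid_text_checked(SAMPLE_OID, SAMPLE_LEN);
    if (cut && full) printf("fixed:   %s\nchecked: %s\n", cut, full);
    free(cut); free(full);
    return 0;
}
```

The fixed-buffer caller returns a syntactically valid but different OID string, which is why truncation here is a correctness problem for any code that compares or looks up OIDs by text.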