Package: pyopenssl | Debian Sources

Package: pyopenssl / 0.13-2+deb7u1

Metadata

Package	Version	Patches format
pyopenssl	0.13-2+deb7u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
10_fix_doc_buildsystem.patch \| (download)	doc/Makefile \| 8 4 + 4 - 0 ! doc/tools/mkhowto \| 105 11 + 94 - 0 ! 2 files changed, 15 insertions(+), 98 deletions(-)	fix the doc build system, providing a working clean target and building the latex doc using htlatex (in main) instead of latex2html
disable_test_set_default_verify_paths.patch \| (download)	OpenSSL/test/test_ssl.py \| 27 14 + 13 - 0 ! 1 file changed, 14 insertions(+), 13 deletions(-)	disable test_set_default_verify_paths since it tries to access the web
CVE 2013 4314.patch \| (download)	OpenSSL/crypto/x509.c \| 1 1 + 0 - 0 ! OpenSSL/crypto/x509ext.c \| 83 78 + 5 - 0 ! OpenSSL/test/test_crypto.py \| 62 62 + 0 - 0 ! 3 files changed, 141 insertions(+), 5 deletions(-)	fix hostname check bypassing vulnerability Fix handling of NULL bytes inside subjectAltName general names when formatting an X509 extension as a string. . When a CA than an SSL client trusts issues a server certificate that has a null byte in the subjectAltName, remote attackers can obtain a certifcate for 'www.foo.org\0.example.com' from the CA to spoof 'www.foo.org' and conduct man-in-the-middle attacks between the pyOpenSSL-using client and SSL servers. . Additionally fix memory leak in get_extension().

Patch

File delta

Description

10_fix_doc_buildsystem.patch | (download)

doc/Makefile | 8 4 + 4 - 0 !
doc/tools/mkhowto | 105 11 + 94 - 0 !
2 files changed, 15 insertions(+), 98 deletions(-)

 fix the doc build system, providing a working clean target and building
the latex doc using htlatex (in main) instead of latex2html

disable_test_set_default_verify_paths.patch | (download)

OpenSSL/test/test_ssl.py | 27 14 + 13 - 0 !
1 file changed, 14 insertions(+), 13 deletions(-)

 disable test_set_default_verify_paths since it tries to access the web

CVE 2013 4314.patch | (download)

OpenSSL/crypto/x509.c | 1 1 + 0 - 0 !
OpenSSL/crypto/x509ext.c | 83 78 + 5 - 0 !
OpenSSL/test/test_crypto.py | 62 62 + 0 - 0 !
3 files changed, 141 insertions(+), 5 deletions(-)

 fix hostname check bypassing vulnerability
 Fix handling of NULL bytes inside subjectAltName general names when
 formatting an X509 extension as a string.
 .
 When a CA than an SSL client trusts issues a server certificate that
 has a null byte in the subjectAltName, remote attackers can obtain a
 certifcate for 'www.foo.org\0.example.com' from the CA to spoof
 'www.foo.org' and conduct man-in-the-middle attacks between the
 pyOpenSSL-using client and SSL servers.
 .
 Additionally fix memory leak in get_extension().