Your message dated Tue, 17 Sep 2013 15:50:55 +0000 with message-id <e1vlxyf-00048y...@franck.debian.org> and subject line Bug#719567: fixed in python3.3 3.3.2-6 has caused the Debian Bug report #719567, regarding python3.3: CVE-2013-4238: Python SSL module does not handle certificates that contain hostnames with NULL bytes to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 719567: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719567 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: python3.3 Version: 3.3.2-5 Severity: grave Tags: security upstream patch Hi, the following vulnerability was published for python3.3 CVE-2013-4238[0]: Python SSL module does not handle certificates that contain hostnames with NULL bytes See also upstream bugreport [1] which contains patches (also including tests). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4238 [1] http://bugs.python.org/issue18709 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: python3.3 Source-Version: 3.3.2-6 We believe that the bug you reported is fixed in the latest version of python3.3, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 719...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Klose <d...@debian.org> (supplier of updated python3.3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 17 Sep 2013 15:12:00 +0200 Source: python3.3 Binary: python3.3 libpython3.3-stdlib python3.3-minimal libpython3.3-minimal libpython3.3 python3.3-examples python3.3-dev libpython3.3-dev libpython3.3-testsuite idle-python3.3 python3.3-doc python3.3-dbg libpython3.3-dbg Architecture: source all amd64 Version: 3.3.2-6 Distribution: unstable Urgency: medium Maintainer: Matthias Klose <d...@debian.org> Changed-By: Matthias Klose <d...@debian.org> Description: idle-python3.3 - IDE for Python (v3.3) using Tkinter libpython3.3 - Shared Python runtime library (version 3.3) libpython3.3-dbg - Debug Build of the Python Interpreter (version 3.3) libpython3.3-dev - Header files and a static library for Python (v3.3) libpython3.3-minimal - Minimal subset of the Python language (version 3.3) libpython3.3-stdlib - Interactive high-level object-oriented language (standard library libpython3.3-testsuite - Testsuite for the Python standard library (v3.3) python3.3 - Interactive high-level object-oriented language (version 3.3) python3.3-dbg - Debug Build of the Python Interpreter (version 3.3) python3.3-dev - Header files and a static library for Python (v3.3) python3.3-doc - Documentation for the high-level object-oriented language Python python3.3-examples - Examples for the Python language (v3.3) python3.3-minimal - Minimal subset of the Python language (version 3.3) Closes: 714802 719567 Changes: python3.3 (3.3.2-6) unstable; urgency=medium . * Update to 20130917 from the 3.3 branch. - Fix SSL module to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238). Closes: #719567. * Don't run the curses autopkg test. * Set Multi-Arch attributes for binary packages. * Fix multiarch include header for sparc64. Closes: #714802. Checksums-Sha1: 993e9ad82d1ad283027c0d6ebd48c7122d8027c5 2401 python3.3_3.3.2-6.dsc a565d49e68475b2e15e05348c2b614ba09af0f5f 692406 python3.3_3.3.2-6.diff.gz b1ba9f9d9affe8d992064dbcd6ecab4ec7c0be12 332904 python3.3-examples_3.3.2-6_all.deb 07e44a4a96d95d5e9e5e6d4d7a1ff89ed84b191d 2613946 libpython3.3-testsuite_3.3.2-6_all.deb 8e69a33be096bfdab6864a02828a4dd1bf75a8dc 77700 idle-python3.3_3.3.2-6_all.deb eecb13e0048d270227a58f3b6027f1a797aeda03 4772174 python3.3-doc_3.3.2-6_all.deb f5676d9bc3e633b7e937aece770a2a0b12e214f9 152454 python3.3_3.3.2-6_amd64.deb 17a430aa645dd1320d1bbc3a9f5638c12847d2f7 2059732 libpython3.3-stdlib_3.3.2-6_amd64.deb 718a05a334e0f7f34473ca13aae6db3ffe1eae9b 1409284 python3.3-minimal_3.3.2-6_amd64.deb c3c9c4026b8b5d44f4d13d3194f02d1664ec2054 392296 libpython3.3-minimal_3.3.2-6_amd64.deb 30c17fa9fa019caa860781210e40278af9b2a9e2 1266282 libpython3.3_3.3.2-6_amd64.deb f54e307f69ffcff479cbc6f1c8759352bb17452b 391596 python3.3-dev_3.3.2-6_amd64.deb c9ea8f1f0f78504d241c070135365a7c70afb74d 25767406 libpython3.3-dev_3.3.2-6_amd64.deb 45d80afbf75f20bf494b33be671c17d1e081fe9f 7281100 python3.3-dbg_3.3.2-6_amd64.deb 41921f583b986678f52e7040abedbae9069cce2f 4674336 libpython3.3-dbg_3.3.2-6_amd64.deb Checksums-Sha256: 9405f2594714b05908881f81923c86d5e153d1cce3a4418f61971d1b7acd24f0 2401 python3.3_3.3.2-6.dsc 253b867e991e70eea098bb3d512d92007d745f881e9984c97412f7c514e32593 692406 python3.3_3.3.2-6.diff.gz b12a01ed02302d7f4f14d15043289b33b0d936516656e51f2bd590382616babe 332904 python3.3-examples_3.3.2-6_all.deb a3408cb04bc7e188cd35a49e886c46b33a87e71263ceffc063cc558b994e5244 2613946 libpython3.3-testsuite_3.3.2-6_all.deb d522cf88c8b0e229b32d61755b4373bba13a45f3c4eec215657bfc707b3b9b3f 77700 idle-python3.3_3.3.2-6_all.deb 08acaacc9650ff6d5674ccf26e659d6ce7fe076dcd9932c05bc2d4389b38f6fe 4772174 python3.3-doc_3.3.2-6_all.deb 90ca5c81a9f01a35d9b31857eda327ea947073c5401f78ca105d674899ca7279 152454 python3.3_3.3.2-6_amd64.deb 68e83b7ecf6fcd818b0df5cf8453b7a3407ed28589ce0ffd6c6ab6e35669ca1a 2059732 libpython3.3-stdlib_3.3.2-6_amd64.deb 2c114ee4ec5c2a7df78592dd095725d9403067687b36879510f3b8e7ea384658 1409284 python3.3-minimal_3.3.2-6_amd64.deb da7ee627fb1b7c9887f5a95c7c27c9c2678578247bacc12020a9555b4ce07204 392296 libpython3.3-minimal_3.3.2-6_amd64.deb 60638d8592a8577eab1f643cccb76bfbf5f0dd52e8a7657c785c9aade6a0393c 1266282 libpython3.3_3.3.2-6_amd64.deb 905d1c2bcc49634528a9e4a9edee5d7c15dc67d571b09bddacd9c6e1954e1e53 391596 python3.3-dev_3.3.2-6_amd64.deb a31c32b2463173effacd4f8d8114f2b44f58c53c07815b40cf32f31b942239d7 25767406 libpython3.3-dev_3.3.2-6_amd64.deb 8d21533de280c7d42e8ad17a29cda64c11464aad561a585d76960de826b47f94 7281100 python3.3-dbg_3.3.2-6_amd64.deb a3ed0e201804ebb0ccd788b4b661afd9740bd0d3c5d05e7e055fd3f6cbbaf9b2 4674336 libpython3.3-dbg_3.3.2-6_amd64.deb Files: 8c205c931783d14845b8bb11e7734b17 2401 python optional python3.3_3.3.2-6.dsc 636cbc41030441d21277cd4025e19355 692406 python optional python3.3_3.3.2-6.diff.gz c6cea0d855f21badc1bc940426956861 332904 python optional python3.3-examples_3.3.2-6_all.deb e52ba567521abf796619c3aa476d7d8d 2613946 libdevel optional libpython3.3-testsuite_3.3.2-6_all.deb a006a7f40b5f5cce218b42d60b8292aa 77700 python optional idle-python3.3_3.3.2-6_all.deb 86f4eb86d7d240ce274d9c7b26c042de 4772174 doc optional python3.3-doc_3.3.2-6_all.deb e5cf6ab9a7cf0046516f27a8d1e369be 152454 python optional python3.3_3.3.2-6_amd64.deb 6aab57466f7d83d967012bbea7d31535 2059732 python optional libpython3.3-stdlib_3.3.2-6_amd64.deb 72045a3c157b641d48e8ed6ced80c8a3 1409284 python optional python3.3-minimal_3.3.2-6_amd64.deb 2d07c4fb8093818e9e89fa77c6517905 392296 python optional libpython3.3-minimal_3.3.2-6_amd64.deb 136926daf4265066731fc4a8067efc73 1266282 libs optional libpython3.3_3.3.2-6_amd64.deb 6a2f4a3adcefdbd030cd44c0dfb9e321 391596 python optional python3.3-dev_3.3.2-6_amd64.deb 1e65006cc59cb96f81e870a0b089eae8 25767406 libdevel optional libpython3.3-dev_3.3.2-6_amd64.deb bb1e678ab7680d568f20176c95bee3e8 7281100 debug extra python3.3-dbg_3.3.2-6_amd64.deb aa28e9252a7c5425bffb1939b6a149cc 4674336 debug extra libpython3.3-dbg_3.3.2-6_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iEYEARECAAYFAlI4c0kACgkQStlRaw+TLJyCSACggNJ2wDF4bQMFPm01cSVKgL5d oxgAn1RnDPaQbb0mVw9gsdAZfRq4ayh2 =NF0g -----END PGP SIGNATURE-----
--- End Message ---
