On 8/13/2013 5:06 AM, Christian Heimes wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-4238 has been signed to NULL bytes in subjectAltName issue.
assigned...
http://bugs.python.org/issue18709
http://www.openwall.com/lists/oss-security/2013/08/13/2
Should we assign a C
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
CVE-2013-4238 has been signed to NULL bytes in subjectAltName issue.
http://bugs.python.org/issue18709
http://www.openwall.com/lists/oss-security/2013/08/13/2
Should we assign a CVE to issue in ssl.match_hostname(), too? Even
more projects have
Hi,
On Mon, 12 Aug 2013 19:18:17 +0200
Christian Heimes wrote:
> related issue: Mozilla's certdata.txt and CKT_NSS_MUST_VERIFY_TRUST
> - ---
>
> Recently I found bugs in curl's mk-ca-bundle.pl script, its cacert.pem
> and in the CA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello,
last week Ryan Sleevi of the Google Chrome Security Team has informed
us about about two issues in Python's SSL module. I already new about
the cause of the first bug and suspected that our SSL module suffers
from the second bug but I was una
