[issue18709] SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)

2018-08-14 Thread Christian Heimes
Christian Heimes added the comment: These Python versions no longer receive security updates. Please update.

2018-08-14 Thread Anuj
Anuj added the comment: Do we have patch for 3.1 version, or 3.2 patch will be also OK? -- nosy: +Anuj

2014-09-30 Thread Roundup Robot
Roundup Robot added the comment: New changeset 386b0f478117 by Georg Brandl in branch '3.2': Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes https://hg.python.org/cpython/rev/386b0f478117

2014-09-30 Thread Georg Brandl
Changes by Georg Brandl ge...@python.org: -- status: open -> closed ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue18709 ___ ___ Python-bugs-list

2014-03-27 Thread Éric Araujo
Éric Araujo added the comment: Not sure if 3.2 is still open to security fixes. -- nosy: +eric.araujo

2013-11-17 Thread Christian Heimes
Christian Heimes added the comment: The patch hasn't been committed to 3.2 yet. -- assignee: -> georg.brandl versions: -Python 3.1

2013-10-19 Thread Matěj Stuchlík
Matěj Stuchlík added the comment: There's no longer any suspicion, no, at least from my side.

2013-10-19 Thread Christian Heimes
Christian Heimes added the comment: I don't get it. Has somebody found a memory leak in my patch? Larry, I have removed 2.7, 3.3 and 3.4 from the affected versions. The fix has already landed. 3.1 and 3.2 are still open, though. Georg, the patch for 3.2 is still up to date. Are you going to

2013-10-18 Thread Larry Hastings
Larry Hastings added the comment: So, this is fixed, but there's some suspicion of a memory leak? If that's true, maybe we could mark this as closed then open a new bug for the leak? This shows up as a big scary release blocker against 3.4, and I'm like making releases and stuff. --

2013-09-15 Thread Barry A. Warsaw
Barry A. Warsaw added the comment: I'm removing 2.6 from the Versions field since AFAIK we've resolved this issue for 2.6. This way it'll be easier to scan the blockers for 2.6.9. If anyone thinks we still have things to address for this issue in 2.6.9, please reassign it or follow up.

2013-09-14 Thread Georg Brandl
Georg Brandl added the comment: Christian, is the -py32 patch still up to date? -- nosy: +larry priority: critical -> release blocker

2013-09-14 Thread Charles-François Natali
Changes by Charles-François Natali cf.nat...@gmail.com: -- nosy: -neologix

2013-09-05 Thread Roundup Robot
Roundup Robot added the comment: New changeset 90040e560527 by Christian Heimes in branch '3.3': Issue #18709: GCC 4.6 complains that 'v' may be used uninitialized in GEN_EMAIL/GEN_URI/GEN_DNS case http://hg.python.org/cpython/rev/90040e560527 New changeset 4e93f32176fb by Christian Heimes in

2013-09-03 Thread Arfrever Frehtes Taifersar Arahesis
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238) -> SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)

2013-09-02 Thread Matěj Stuchlík
Matěj Stuchlík added the comment: Doing 'valgrind --suppressions=valgrind-python.supp ./python Lib/tests/regrtest.py test_ssl.py' I'm getting ==11944== LEAK SUMMARY: ==11944==definitely lost: 32 bytes in 1 blocks ==11944==indirectly lost: 392 bytes in 16 blocks ==11944== possibly

2013-09-02 Thread Christian Heimes
Christian Heimes added the comment: I can't reproduce the memory leak. valgrind's output doesn't show suspicious memory leaks. ./configure --with-pydebug --config-cache valgrind --suppressions=Misc/valgrind-python.supp ./python Lib/test/test_ssl.py Python 3.4 tip -- ==26085==

2013-09-02 Thread Matěj Stuchlík
Matěj Stuchlík added the comment: Oh, I only checked the particular commit that fixed this issue in 2.6 (50803d881a92). I am not getting any leaks in 2.6 tip either, so I guess it was fixed somewhere along the way. Sorry for the confusion!

2013-08-30 Thread Charles-François Natali
Changes by Charles-François Natali cf.nat...@gmail.com: -- resolution: -> fixed stage: patch review -> committed/rejected status: open -> closed

2013-08-30 Thread Charles-François Natali
Charles-François Natali added the comment: Oops. -- status: closed -> open

2013-08-30 Thread Christian Heimes
: patch review -> committed/rejected status: open -> closed -- title: SSL module fails to handle NULL bytes inside subjectAltNames general names

2013-08-25 Thread Charles-François Natali
Charles-François Natali added the comment: The test is failing on Tiger buildbots: == FAIL: test_parse_cert_CVE_2013_4238 (test.test_ssl.BasicSocketTests) --

2013-08-25 Thread Donald Stufft
Changes by Donald Stufft don...@stufft.io: -- nosy: +dstufft

2013-08-25 Thread Roundup Robot
Roundup Robot added the comment: New changeset 004743d210e4 by Christian Heimes in branch '3.3': Issue #18709: Fix issue with IPv6 address in subjectAltName on Mac OS X Tiger http://hg.python.org/cpython/rev/004743d210e4 New changeset 577e9402cadd by Christian Heimes in branch 'default': Issue

2013-08-25 Thread Christian Heimes
Christian Heimes added the comment: Tiger has OpenSSL 0.9.7 which doesn't support IPv6 addresses. I have added a workaround.

2013-08-23 Thread Roundup Robot
Roundup Robot added the comment: New changeset 79007c4244d6 by Barry Warsaw in branch '2.6': - Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes http://hg.python.org/cpython/rev/79007c4244d6

2013-08-16 Thread Christian Heimes
Christian Heimes added the comment: For the record PHP has assigned CVE-2013-4248 for the issue.

2013-08-16 Thread Roundup Robot
Roundup Robot added the comment: New changeset c9f073e593b0 by Christian Heimes in branch '3.3': Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes http://hg.python.org/cpython/rev/c9f073e593b0 New changeset 7a0f398d1a5c by Christian Heimes in branch 'default': Issue #18709:

2013-08-16 Thread Christian Heimes
Christian Heimes added the comment: I have applied the patch to 2.7, 3.3 and 3.4. Barry, Benjamin, Georg: Are you going to apply the patches yourselves? -- nosy: +benjamin.peterson, georg.brandl

2013-08-16 Thread Christian Heimes
Changes by Christian Heimes li...@cheimes.de: Added file: http://bugs.python.org/file31330/CVE-2013-4238-py31.patch

2013-08-16 Thread Christian Heimes
Changes by Christian Heimes li...@cheimes.de: Added file: http://bugs.python.org/file31331/CVE-2013-4238-py32.patch

2013-08-15 Thread Christian Heimes
Christian Heimes added the comment: Brian Cameron from Oracle has requested a fix for Python 2.6. I have attached a patch for 2.6. In order to compile and test the patch I had to modify _ssl.c to handle OPENSSL_NO_SSL2. I also copied keycert.pem from 2.7 to fix two test failures. The former

2013-08-13 Thread Christian Heimes
Christian Heimes added the comment: Thanks! The title now references the new CVE #. -- title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4073) -> SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)

2013-08-13 Thread Arfrever Frehtes Taifersar Arahesis
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com: -- nosy: +Arfrever

2013-08-13 Thread Christian Heimes
Christian Heimes added the comment: Python 3.1 is affected, too. 3.1 will receive security fixes until June 2014. -- versions: +Python 3.1