Package: python3.3 Version: 3.3.2-5 Severity: grave Tags: security upstream patch
Hi, the following vulnerability was published for python3.3 CVE-2013-4238[0]: Python SSL module does not handle certificates that contain hostnames with NULL bytes See also upstream bugreport [1] which contains patches (also including tests). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4238 [1] http://bugs.python.org/issue18709 Regards, Salvatore _______________________________________________ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
