Title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238) · Issue #62909 · python/cpython · GitHub
Open Graph Title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238) · Issue #62909 · python/cpython
X Title: SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238) · Issue #62909 · python/cpython
Description: BPO 18709 Nosy @warsaw, @birkenfeld, @vstinner, @larryhastings, @tiran, @benjaminp, @merwok, @dstufft, @abn Files nullbytecert.pem: Malicious certificateCVE-2013-4073_py34.patch: Patch for Python 3.4CVE-2013-4073_py33.patch: Patch for Py...
Open Graph Description: BPO 18709 Nosy @warsaw, @birkenfeld, @vstinner, @larryhastings, @tiran, @benjaminp, @merwok, @dstufft, @abn Files nullbytecert.pem: Malicious certificateCVE-2013-4073_py34.patch: Patch for Python 3...
X Description: BPO 18709 Nosy @warsaw, @birkenfeld, @vstinner, @larryhastings, @tiran, @benjaminp, @merwok, @dstufft, @abn Files nullbytecert.pem: Malicious certificateCVE-2013-4073_py34.patch: Patch for Python 3...
Opengraph URL: https://github.com/python/cpython/issues/62909
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)","articleBody":"BPO | [18709](https://bugs.python.org/issue18709)\n--- | :---\nNosy | @warsaw, @birkenfeld, @vstinner, @larryhastings, @tiran, @benjaminp, @merwok, @dstufft, @abn\nFiles | \u003cli\u003e[nullbytecert.pem](https://bugs.python.org/file31240/nullbytecert.pem \"Uploaded as application/x-x509-ca-cert at 2013-08-12.11:34:13 by @tiran\"): Malicious certificate\u003c/li\u003e\u003cli\u003e[CVE-2013-4073_py34.patch](https://bugs.python.org/file31241/CVE-2013-4073_py34.patch \"Uploaded as text/plain at 2013-08-12.11:34:31 by @tiran\"): Patch for Python 3.4\u003c/li\u003e\u003cli\u003e[CVE-2013-4073_py33.patch](https://bugs.python.org/file31242/CVE-2013-4073_py33.patch \"Uploaded as text/plain at 2013-08-12.11:34:49 by @tiran\"): Patch for Python 3.3\u003c/li\u003e\u003cli\u003e[CVE-2013-4073_py27.patch](https://bugs.python.org/file31243/CVE-2013-4073_py27.patch \"Uploaded as text/plain at 2013-08-12.11:35:05 by @tiran\"): Patch for Python 2.7\u003c/li\u003e\u003cli\u003e[CVE-2013-4073_py26.patch](https://bugs.python.org/file31309/CVE-2013-4073_py26.patch \"Uploaded as text/plain at 2013-08-16.00:37:01 by @tiran\")\u003c/li\u003e\u003cli\u003e[CVE-2013-4238-py31.patch](https://bugs.python.org/file31330/CVE-2013-4238-py31.patch \"Uploaded as text/plain at 2013-08-16.23:22:53 by @tiran\"): Patch for Python 3.1\u003c/li\u003e\u003cli\u003e[CVE-2013-4238-py32.patch](https://bugs.python.org/file31331/CVE-2013-4238-py32.patch \"Uploaded as text/plain at 2013-08-16.23:25:16 by @tiran\"): Patch for Python 3.2\u003c/li\u003e\n\n\u003csup\u003e*Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.*\u003c/sup\u003e\n\n\u003cdetails\u003e\u003csummary\u003eShow more details\u003c/summary\u003e\u003cp\u003e\n\nGitHub fields:\n```python\nassignee = 'https://github.com/birkenfeld'\nclosed_at = \u003cDate 2014-09-30.12:47:58.447\u003e\ncreated_at = \u003cDate 2013-08-12.11:32:52.317\u003e\nlabels = ['type-security', 'extension-modules', 'release-blocker']\ntitle = 'SSL module fails to handle NULL bytes inside subjectAltNames general names (CVE-2013-4238)'\nupdated_at = \u003cDate 2018-08-14.12:45:53.022\u003e\nuser = 'https://github.com/tiran'\n```\n\nbugs.python.org fields:\n```python\nactivity = \u003cDate 2018-08-14.12:45:53.022\u003e\nactor = 'christian.heimes'\nassignee = 'georg.brandl'\nclosed = True\nclosed_date = \u003cDate 2014-09-30.12:47:58.447\u003e\ncloser = 'georg.brandl'\ncomponents = ['Extension Modules']\ncreation = \u003cDate 2013-08-12.11:32:52.317\u003e\ncreator = 'christian.heimes'\ndependencies = []\nfiles = ['31240', '31241', '31242', '31243', '31309', '31330', '31331']\nhgrepos = []\nissue_num = 18709\nkeywords = ['patch']\nmessage_count = 31.0\nmessages = ['194944', '194945', '194958', '194959', '195043', '195056', '195069', '195307', '195347', '195438', '195440', '195992', '196113', '196121', '196122', '196565', '196566', '196776', '196777', '196779', '196999', '197692', '197793', '200343', '200377', '200395', '203168', '214973', '227894', '323510', '323514']\nnosy_count = 13.0\nnosy_names = ['barry', 'georg.brandl', 'vstinner', 'larry', 'christian.heimes', 'benjamin.peterson', 'eric.araujo', 'Arfrever', 'python-dev', 'dstufft', 'abn', 'sYnfo', 'Anuj']\npr_nums = []\npriority = 'release blocker'\nresolution = 'fixed'\nstage = 'resolved'\nstatus = 'closed'\nsuperseder = None\ntype = 'security'\nurl = 'https://bugs.python.org/issue18709'\nversions = ['Python 3.2']\n```\n\n\u003c/p\u003e\u003c/details\u003e\n","author":{"url":"https://github.com/tiran","@type":"Person","name":"tiran"},"datePublished":"2013-08-12T11:32:52.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":31},"url":"https://github.com/62909/cpython/issues/62909"}
| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:8a194c1a-5393-f5bf-5f58-c848ebb18ab4 |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | DFAE:17FA4:3B52FA:512F20:6A4D9F11 |
| html-safe-nonce | 6a185f985a4c0a7b27a0728a1a9e37a4152e5b1575388cbe220b101b489c19f0 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJERkFFOjE3RkE0OjNCNTJGQTo1MTJGMjA6NkE0RDlGMTEiLCJ2aXNpdG9yX2lkIjoiMTA3MTUwMDI1MjI4NjkxODQxNyIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | b8f9e114b9c40e483eba527c0947e8d533e22b981d949e1c3ebd483dfda169da |
| hovercard-subject-tag | issue:1198903764 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/python/cpython/62909/issue_layout |
| twitter:image | https://opengraph.githubassets.com/f30d84ea1ed93732e94acc790aa9ae06e42e63ba8c387f163669a496e372b9a2/python/cpython/issues/62909 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/f30d84ea1ed93732e94acc790aa9ae06e42e63ba8c387f163669a496e372b9a2/python/cpython/issues/62909 |
| og:image:alt | BPO 18709 Nosy @warsaw, @birkenfeld, @vstinner, @larryhastings, @tiran, @benjaminp, @merwok, @dstufft, @abn Files nullbytecert.pem: Malicious certificateCVE-2013-4073_py34.patch: Patch for Python 3... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | tiran |
| hostname | github.com |
| expected-hostname | github.com |
| None | 06b8a6144231bf3a234f1c2e9993861e07ce98a905912b114aa386c2d7e84b33 |
| turbo-cache-control | no-preview |
| go-import | github.com/python/cpython git https://github.com/python/cpython.git |
| octolytics-dimension-user_id | 1525981 |
| octolytics-dimension-user_login | python |
| octolytics-dimension-repository_id | 81598961 |
| octolytics-dimension-repository_nwo | python/cpython |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 81598961 |
| octolytics-dimension-repository_network_root_nwo | python/cpython |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 7f13faa65cccc9b729d674da83335d5dcfdfd193 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width