Package: python2.7 Version: 2.7.5-7 Severity: grave Tags: security upstream patch
Hi, the following vulnerability was published for python2.7 CVE-2013-4238[0]: Python SSL module does not handle certificates that contain hostnames with NULL bytes See also upstream bugreport [1] which contains patches (also including tests). If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4238 [1] http://bugs.python.org/issue18709 Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
