Message 333709 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	Talos
Recipients	Talos
Date	2019年01月15日.16:24:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1547569468.87.0.514647021744.issue35746@roundup.psfhosted.org>

Content
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Content

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

History
Date	User	Action	Args
2019年01月15日 16:24:33	Talos	set	recipients: + Talos
2019年01月15日 16:24:28	Talos	set	messageid: <1547569468.87.0.514647021744.issue35746@roundup.psfhosted.org>
2019年01月15日 16:24:28	Talos	link	issue35746 messages
2019年01月15日 16:24:28	Talos	create

homepage