oss-sec mailing list archives
Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777
From: Tomas Hoger <thoger () redhat com>
Date: Thu, 5 Mar 2015 21:38:36 +0100
On Thu, 05 Mar 2015 17:06:38 +0000 John Haxby wrote:
PEP 476 cites 11 CVEs that resulted from python not properly validating certificates. This would be number 12. Shouldn't python versions prior to 2.7.9 and 3.4.3 have a CVE each for the lack of verification?
http://seclists.org/oss-sec/2014/q4/1028 -- Tomas Hoger / Red Hat Product Security
Current thread:
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777, (continued)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Michael Samuel (Mar 10)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Kurt Seifried (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 John Haxby (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Kurt Seifried (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Donald Stufft (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Michael Samuel (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Kurt Seifried (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Michael Samuel (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Kurt Seifried (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Michael Samuel (Mar 11)
- Re: Another Python app (rhn-setup: rhnreg_ks) not checking hostnames in certs properly CVE-2015-1777 Tomas Hoger (Mar 05)