Full Disclosure mailing list archives

Python ssl handling could be better...

From: dave b <db.pub.mail () gmail com>
Date: Thu, 30 Sep 2010 01:12:29 +1000

Python ssl handling could be better...
See http://bugs.python.org/issue1589 for more information.

The for example following are vulnerable:
1. hg  http://mercurial.selenic.com/bts/issue2407
2. bzr (only if pycurl isn't installed - which by default it isn't)
https://bugs.edge.launchpad.net/bzr/+bug/651161
3. libcloud http://github.com/apache/libcloud/issues/issue/2
4. linode-python http://github.com/tjfontaine/linode-python/issues#issue/1

This full disclosure posting is to get more people to be aware of
these issues so they can *fix* or not *make* them in the future.

--
This night methinks is but the daylight sick.           -- William Shakespeare,
"The Merchant of Venice"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Python ssl handling could be better... dave b (Sep 29)
- Re: Python ssl handling could be better... dave b (Sep 29)
- Message not available
  - Re: Python ssl handling could be better... dave b (Sep 29)