- Package name
- Advisory ID
- Affected versions
- MBS1 x86_64
A vulnerability has been discovered and corrected in python-OpenSSL:
The string formatting of subjectAltName X509Extension instances in
pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when
encountering a null byte, possibly allowing man-in-the-middle attacks
through certificate spoofing (CVE-2013-4314).
The updated packages have been patched to correct this issue.
9c1a53018f31b26cee286d9c05e06e6c mbs1/x86_64/python-OpenSSL-0.12-2.1.mbs1.x86_64.rpm f6b4dc37dde9cc96018b1f98a9f4df93 mbs1/SRPMS/python-OpenSSL-0.12-2.1.mbs1.src.rpm