Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst · 06b15424b0dcacb1c551b2a36e739fffa8d0c595 · Kirill Smelkov / cpython

bpo-35746: Fix segfault in ssl's cert parser (GH-11569) · 06b15424

Miss Islington (bot) authored Jan 15, 2019


Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL
distribution points with empty DP or URI correctly. A malicious or buggy
certificate can result into segfault.
Signed-off-by: Christian Heimes <christian@python.org>

https://bugs.python.org/issue35746
(cherry picked from commit a37f5243)
Co-authored-by: Christian Heimes <christian@python.org>

06b15424

2019-01-15-18-16-05.bpo-35746.nMSd0j.rst 202 Bytes

Replace 2019-01-15-18-16-05.bpo-35746.nMSd0j.rst