Ubuntu: Security Advisory (USN-1965-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for pyOpenSSL FEDORA-2013-15925

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1965-1: pyOpenSSL vulnerability

It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

[SECURITY] Fedora 20 Update: pyOpenSSL-0.13.1-1.fc20

High-level wrapper around a subset of the OpenSSL library, includes among o thers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...

Debian: Security Advisory (DSA-2763-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : pyOpenSSL-0.13.1-1.fc20 (2013-15843)

New minor upstream release fixing a security issue and a bug. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 18 : pyOpenSSL-0.13.1-1.fc18 (2013-15881)

New minor upstream release fixing a security issue and a bug. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 19 : pyOpenSSL-0.13.1-1.fc19 (2013-15925)

New minor upstream release fixing a security issue and a bug. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

[SECURITY] Fedora 18 Update: pyOpenSSL-0.13.1-1.fc18

High-level wrapper around a subset of the OpenSSL library, includes among o thers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...

[SECURITY] Fedora 19 Update: pyOpenSSL-0.13.1-1.fc19

High-level wrapper around a subset of the OpenSSL library, includes among o thers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...

Updated python-OpenSSL package fixes security vulnerability

The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing CVE-2013-4314...

PT-2013-4953 · Openssl · Pyopenssl

Name of the Vulnerable Software and Affected Versions: pyOpenSSL versions prior to 0.13.1 Description: The issue arises from the improper handling of a 0 character in a domain name within the Subject Alternative Name field of an X.509 certificate by the X509Extension in pyOpenSSL. This allows...

CVE-2013-4314

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...