PublicDateAtUSN: 2013-08-17
Candidate: CVE-2013-4238
PublicDate: 2013-08-18 02:52:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238
 http://bugs.python.org/issue18709
 https://bugs.mageia.org/show_bug.cgi?id=10989
 https://ubuntu.com/security/notices/USN-1983-1
 https://ubuntu.com/security/notices/USN-1982-1
 https://ubuntu.com/security/notices/USN-1985-1
 https://ubuntu.com/security/notices/USN-1984-1
Description:
 The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4
 does not properly handle a '\0' character in a domain name in the Subject
 Alternative Name field of an X.509 certificate, which allows man-in-the-middle
 attackers to spoof arbitrary SSL servers via a crafted certificate issued by a
 legitimate Certification Authority, a related issue to CVE-2009-2408.
Ubuntu-Description:
Notes:
 jdstrand> reproducer in upstream report
Bugs:
 http://bugs.python.org/issue18709
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566 (python2.7)
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719567 (python3.3)
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719568 (python3.2)
Priority: medium
Discovered-by: Ryan Sleevi
Assigned-to: mdeslaur
CVSS:

Patches_python2.6:
 upstream: http://hg.python.org/cpython/rev/79007c4244d6
 upstream: http://hg.python.org/cpython/rev/50803d881a92 (regression)
 upstream: http://hg.python.org/cpython/rev/07ee48ce4513 (fix)
upstream_python2.6: needed
lucid_python2.6: released (2.6.5-1ubuntu6.2)
precise_python2.6: DNE
quantal_python2.6: DNE
raring_python2.6: DNE
devel_python2.6: DNE

Patches_python2.7:
 upstream: http://hg.python.org/cpython/rev/bd2360476bdb
 upstream: http://hg.python.org/cpython/rev/1cd24ea5abeb (regression)
 upstream: http://hg.python.org/cpython/rev/a7d5b86ffb95 (fix)
upstream_python2.7: needed
lucid_python2.7: DNE
precise_python2.7: released (2.7.3-0ubuntu3.4)
quantal_python2.7: released (2.7.3-5ubuntu4.3)
raring_python2.7: released (2.7.4-2ubuntu3.2)
devel_python2.7: not-affected (2.7.5-8ubuntu3)

Patches_python3.1:
upstream_python3.1: needed
lucid_python3.1: ignored (reached end-of-life)
precise_python3.1: DNE
quantal_python3.1: DNE
raring_python3.1: DNE
devel_python3.1: DNE

Patches_python3.2:
upstream_python3.2: needed
lucid_python3.2: DNE
precise_python3.2: released (3.2.3-0ubuntu3.5)
quantal_python3.2: released (3.2.3-6ubuntu3.4)
raring_python3.2: DNE
devel_python3.2: DNE

Patches_python3.3:
 upstream: http://hg.python.org/cpython/rev/7a0f398d1a5c (trunk)
 upstream: http://hg.python.org/cpython/rev/577e9402cadd (trunk regression)
 upstream: http://hg.python.org/cpython/rev/4e93f32176fb (trunk fix)
 upstream: http://hg.python.org/cpython/rev/c9f073e593b0 (3.3)
 upstream: http://hg.python.org/cpython/rev/004743d210e4 (3.3 regression)
 upstream: http://hg.python.org/cpython/rev/90040e560527 (3.3 fix)
upstream_python3.3: needed
lucid_python3.3: DNE
precise_python3.3: DNE
quantal_python3.3: released (3.3.0-1ubuntu0.1)
raring_python3.3: released (3.3.1-1ubuntu5.2)
devel_python3.3: not-affected (3.3.2-7ubuntu2)
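The following is an added example, not part of this tracker entry and not CPython's own code. It models the mechanism behind the description above: a certificate dNSName such as www.good.example\0.attacker.example, which a CA that only validates control of attacker.example may issue, is seen as "www.good.example" by a matcher that converts the name as a NUL-terminated C string, so the certificate passes for www.good.example. The hardened check decodes the name at its full length, which already makes the spoofed prefix fail to match, and in addition refuses any name containing a NUL. All hostnames are made up, the certificate dicts are constructed stand-ins holding only the fields a hostname check consults (not ssl.getpeercert() output), and treating the flaw as C-string truncation is an assumption about the mechanism, not a statement from the entry.

```python
"""Added example (not from the tracker entry or CPython): NUL bytes in
X.509 names versus a C-string-style hostname matcher, and the fixed check."""

# Constructed certificate stand-ins: only the fields a hostname check
# consults, kept as the raw bytes an X.509 parser would hand over.
HONEST_CERT = {
    "commonName": b"www.good.example",
    "dNSNames": (b"www.good.example", b"*.good.example"),
}
# Crafted certificate: its dNSName is www.good.example\0.attacker.example.
CRAFTED_CERT = {
    "commonName": b"www.good.example\x00.attacker.example",
    "dNSNames": (b"www.good.example\x00.attacker.example",),
}


class CertificateError(ValueError):
    pass


def decode_as_c_string(raw):
    """Models the flaw (assumed mechanism): converting the name as a
    NUL-terminated C string drops everything after the first 0x00."""
    return raw.split(b"\x00", 1)[0].decode("ascii")


def decode_full_length(raw):
    """Length-aware conversion: every byte survives, the NUL included."""
    return raw.decode("ascii")


def dnsname_match(dn, hostname):
    """Case-insensitive label-by-label match. '*' is honoured only as the
    whole leftmost label, and never for a bare '*.tld' pattern."""
    dn_labels = dn.lower().split(".")
    host_labels = hostname.lower().split(".")
    if len(dn_labels) != len(host_labels) or len(dn_labels) < 2:
        return False
    if "*" in dn_labels[1:] or (dn_labels[0] == "*" and len(dn_labels) < 3):
        return False
    return all(d == "*" or d == h for d, h in zip(dn_labels, host_labels))


def match_hostname(cert, hostname, decode=decode_full_length, reject_nul=True):
    """Return True if cert matches hostname, else raise CertificateError.
    dNSName entries take precedence; the CN is consulted only when the
    certificate carries no dNSName at all."""
    candidates = [decode(raw) for raw in cert["dNSNames"]]
    if not candidates:
        candidates = [decode(cert["commonName"])]
    for name in candidates:
        if reject_nul and "\x00" in name:
            raise CertificateError("embedded NUL in certificate name: %r" % name)
        if dnsname_match(name, hostname):
            return True
    raise CertificateError("hostname %r doesn't match %r" % (hostname, candidates))


def vulnerable_match_hostname(cert, hostname):
    """Pre-fix behaviour as modelled here: C-string decoding, no NUL check."""
    return match_hostname(cert, hostname, decode=decode_as_c_string, reject_nul=False)


def hardened_match_hostname(cert, hostname):
    """Fixed behaviour: full-length decoding plus an explicit NUL rejection."""
    return match_hostname(cert, hostname)


def accepts(check, cert, hostname):
    """True if `check` would let a connection to `hostname` proceed."""
    try:
        return check(cert, hostname)
    except CertificateError:
        return False


if __name__ == "__main__":
    print("vulnerable accepts crafted cert for www.good.example:",
          accepts(vulnerable_match_hostname, CRAFTED_CERT, "www.good.example"))
    print("hardened accepts crafted cert for www.good.example:",
          accepts(hardened_match_hostname, CRAFTED_CERT, "www.good.example"))
```

With full-length decoding alone the crafted name becomes the five-label string www.good.example\0.attacker.example, which cannot match the three-label hostname, so the explicit NUL rejection is belt and braces: it turns a silent mismatch into a loud signal that the certificate itself is malformed, which is worth logging separately from an ordinary hostname mismatch.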