Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-2099

Published: 16 May 2013

Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.

Priority

Low

Status

Package Release Status
bzr
Launchpad, Ubuntu, Debian
artful Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
bionic Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
cosmic Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
disco Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
impish Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
hirsute Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
jammy Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
vivid Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
precise Ignored
(end of life)
kinetic Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
lunar Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
eoan Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
focal Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
groovy Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
lucid Not vulnerable
(code not present)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
trusty Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
upstream
Released (2.6.0~bzr6574)
utopic Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
wily Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
xenial Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
yakkety Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
zesty Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
mantic Not vulnerable
(2.6.0~bzr6574-1ubuntu1)
Patches:
upstream: http://bazaar.launchpad.net/~bzr-pqm/bzr/bzr.dev/revision/6574




w3af
Launchpad, Ubuntu, Debian
artful Does not exist

impish Does not exist

hirsute Does not exist

vivid Ignored
(end of life)
bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

jammy Does not exist

kinetic Does not exist

lucid Ignored
(end of life)
lunar Does not exist

precise Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist
(trusty was needed)
upstream Needs triage

utopic Ignored
(end of life)
wily Ignored
(end of life)
xenial Needed

yakkety Ignored
(end of life)
zesty Does not exist

mantic Does not exist

linkchecker
Launchpad, Ubuntu, Debian
impish Not vulnerable
(8.6-2)
hirsute Not vulnerable
(8.6-2)
vivid Ignored
(end of life)
precise Ignored
(end of life)
kinetic Not vulnerable
(8.6-2)
lunar Not vulnerable
(8.6-2)
artful Not vulnerable
(8.6-2)
bionic Not vulnerable
(8.6-2)
cosmic Not vulnerable
(8.6-2)
disco Not vulnerable
(8.6-2)
eoan Not vulnerable
(8.6-2)
focal Does not exist

groovy Does not exist

jammy Not vulnerable
(8.6-2)
lucid Ignored
(end of life)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist
(trusty was not-affected [8.6-2])
upstream
Released (8.5-1)
utopic Ignored
(end of life)
wily Ignored
(end of life)
xenial Not vulnerable
(8.6-2)
yakkety Ignored
(end of life)
zesty Not vulnerable
(8.6-2)
mantic Not vulnerable
(8.6-2)
python-tornado
Launchpad, Ubuntu, Debian
impish Not vulnerable
(3.2.0-1ubuntu1)
hirsute Not vulnerable
(3.2.0-1ubuntu1)
precise Ignored
(end of life)
kinetic Not vulnerable
(3.2.0-1ubuntu1)
lunar Not vulnerable
(3.2.0-1ubuntu1)
artful Not vulnerable
(3.2.0-1ubuntu1)
bionic Not vulnerable
(3.2.0-1ubuntu1)
cosmic Not vulnerable
(3.2.0-1ubuntu1)
disco Not vulnerable
(3.2.0-1ubuntu1)
eoan Not vulnerable
(3.2.0-1ubuntu1)
focal Not vulnerable
(3.2.0-1ubuntu1)
groovy Not vulnerable
(3.2.0-1ubuntu1)
jammy Not vulnerable
(3.2.0-1ubuntu1)
lucid Does not exist

quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist
(trusty was not-affected [3.1.1-1ubuntu2])
upstream
Released (2.4.1-3)
utopic Not vulnerable
(3.2.0-1ubuntu1)
vivid Not vulnerable
(3.2.0-1ubuntu1)
wily Not vulnerable
(3.2.0-1ubuntu1)
xenial Not vulnerable
(3.2.0-1ubuntu1)
yakkety Not vulnerable
(3.2.0-1ubuntu1)
zesty Not vulnerable
(3.2.0-1ubuntu1)
mantic Not vulnerable
(3.2.0-1ubuntu1)
python-urllib3
Launchpad, Ubuntu, Debian
impish Not vulnerable
(1.6-2)
hirsute Not vulnerable
(1.6-2)
kinetic Not vulnerable
(1.6-2)
lunar Not vulnerable
(1.6-2)
artful Not vulnerable
(1.6-2)
bionic Not vulnerable
(1.6-2)
cosmic Not vulnerable
(1.6-2)
disco Not vulnerable
(1.6-2)
eoan Not vulnerable
(1.6-2)
focal Not vulnerable
(1.6-2)
groovy Not vulnerable
(1.6-2)
jammy Not vulnerable
(1.6-2)
lucid Does not exist

precise Does not exist

quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Not vulnerable
(1.6-2)
trusty Not vulnerable
(1.6-2)
upstream
Released (1.6-2)
utopic Not vulnerable
(1.6-2)
vivid Not vulnerable
(1.6-2)
wily Not vulnerable
(1.6-2)
xenial Not vulnerable
(1.6-2)
yakkety Not vulnerable
(1.6-2)
zesty Not vulnerable
(1.6-2)
mantic Not vulnerable
(1.6-2)
python2.7
Launchpad, Ubuntu, Debian
impish Not vulnerable
(2.7.5-5ubuntu1)
kinetic Not vulnerable
(2.7.5-5ubuntu1)
artful Not vulnerable
(2.7.5-5ubuntu1)
bionic Not vulnerable
(2.7.5-5ubuntu1)
cosmic Not vulnerable
(2.7.5-5ubuntu1)
disco Not vulnerable
(2.7.5-5ubuntu1)
eoan Not vulnerable
(2.7.5-5ubuntu1)
focal Not vulnerable
(2.7.5-5ubuntu1)
groovy Not vulnerable
(2.7.5-5ubuntu1)
hirsute Not vulnerable
(2.7.5-5ubuntu1)
jammy Not vulnerable
(2.7.5-5ubuntu1)
lucid Does not exist

lunar Does not exist

precise Not vulnerable
(code-not-present)
quantal Not vulnerable
(code-not-present)
raring
Released (2.7.4-2ubuntu3.2)
saucy Not vulnerable
(2.7.5-5ubuntu1)
trusty Not vulnerable
(2.7.5-5ubuntu1)
upstream
Released (2.7.5-5)
utopic Not vulnerable
(2.7.5-5ubuntu1)
vivid Not vulnerable
(2.7.5-5ubuntu1)
wily Not vulnerable
(2.7.5-5ubuntu1)
xenial Not vulnerable
(2.7.5-5ubuntu1)
yakkety Not vulnerable
(2.7.5-5ubuntu1)
zesty Not vulnerable
(2.7.5-5ubuntu1)
mantic Does not exist

python3.1
Launchpad, Ubuntu, Debian
impish Does not exist

artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

kinetic Does not exist

lucid Not vulnerable
(code-not-present)
lunar Does not exist

precise Does not exist

quantal Does not exist

raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

mantic Does not exist

python3.2
Launchpad, Ubuntu, Debian
impish Does not exist

artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

precise
Released (3.2.3-0ubuntu3.5)
quantal
Released (3.2.3-6ubuntu3.4)
raring Does not exist

saucy Does not exist

trusty Does not exist

upstream Needs triage

utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

mantic Does not exist

Patches:

upstream: http://hg.python.org/cpython/rev/fafd33db6ff6
upstream: http://hg.python.org/cpython/rev/b9b521efeba3
upstream: http://hg.python.org/cpython/rev/c627638753e2

python3.3
Launchpad, Ubuntu, Debian
impish Does not exist

artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

kinetic Does not exist

lucid Does not exist

lunar Does not exist

precise Does not exist

quantal
Released (3.3.0-1ubuntu0.1)
raring
Released (3.3.1-1ubuntu5.2)
saucy Not vulnerable
(3.3.2-3ubuntu1)
trusty Does not exist

upstream
Released (3.3.2-3)
utopic Does not exist

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

mantic Does not exist

zeroinstall-injector
Launchpad, Ubuntu, Debian
impish Not vulnerable
(2.3.3-1)
vivid Ignored
(end of life)
precise Ignored
(end of life)
artful Not vulnerable
(2.3.3-1)
bionic Not vulnerable
(2.3.3-1)
cosmic Not vulnerable
(2.3.3-1)
disco Not vulnerable
(2.3.3-1)
eoan Not vulnerable
(2.3.3-1)
focal Not vulnerable
(2.3.3-1)
groovy Not vulnerable
(2.3.3-1)
hirsute Not vulnerable
(2.3.3-1)
jammy Not vulnerable
(2.3.3-1)
kinetic Not vulnerable
(2.3.3-1)
lucid Not vulnerable
(0.44-1)
lunar Not vulnerable
(2.3.3-1)
quantal Ignored
(end of life)
raring Ignored
(end of life)
saucy Ignored
(end of life)
trusty Does not exist
(trusty was not-affected [2.3.3-1])
upstream
Released (2.3.3-1)
utopic Ignored
(end of life)
wily Ignored
(end of life)
xenial Not vulnerable
(2.3.3-1)
yakkety Ignored
(end of life)
zesty Not vulnerable
(2.3.3-1)
mantic Not vulnerable
(2.3.3-1)
Patches:




upstream: https://github.com/0install/0install/commit/0c5b21d47b6007ac764430638a476418688bce16