[Python-modules-commits] r25605 - in packages/python-httplib2/trunk/debian (3 files)

bernat at users.alioth.debian.org bernat at users.alioth.debian.org
Fri Aug 16 16:13:05 UTC 2013 

    Date: Friday, August 16, 2013 @ 16:13:02
  Author: bernat
Revision: 25605

Fix CVE-2013-2037. Closes: #706602

Added:
  packages/python-httplib2/trunk/debian/patches/ssl-mismatch-check.patch
Modified:
  packages/python-httplib2/trunk/debian/changelog
  packages/python-httplib2/trunk/debian/patches/series

Modified: packages/python-httplib2/trunk/debian/changelog
===================================================================
--- packages/python-httplib2/trunk/debian/changelog	2013-08-16 11:58:03 UTC (rev 25604)
+++ packages/python-httplib2/trunk/debian/changelog	2013-08-16 16:13:02 UTC (rev 25605)
@@ -1,3 +1,13 @@
+python-httplib2 (0.8-2) unstable; urgency=low
+
+  * Team upload.
+
+  [ Vincent Bernat ]
+  * Upload to unstable.
+  * Fix CVE-2013-2037 with the appropriate patch. Closes: #706602.
+
+ -- Vincent Bernat <bernat at debian.org>  Fri, 16 Aug 2013 17:53:42 +0200
+
 python-httplib2 (0.8-1) experimental; urgency=low
 
   * New upstream release.

Modified: packages/python-httplib2/trunk/debian/patches/series
===================================================================
--- packages/python-httplib2/trunk/debian/patches/series	2013-08-16 11:58:03 UTC (rev 25604)
+++ packages/python-httplib2/trunk/debian/patches/series	2013-08-16 16:13:02 UTC (rev 25605)
@@ -1 +1,2 @@
 use_system_cacerts.patch
+ssl-mismatch-check.patch

Added: packages/python-httplib2/trunk/debian/patches/ssl-mismatch-check.patch
===================================================================
--- packages/python-httplib2/trunk/debian/patches/ssl-mismatch-check.patch	                        (rev 0)
+++ packages/python-httplib2/trunk/debian/patches/ssl-mismatch-check.patch	2013-08-16 16:13:02 UTC (rev 25605)
@@ -0,0 +1,25 @@
+Description: Close connection on certificate mismatch to avoid reuse
+Author: Roman Podolyaka <rpodolyaka...mirantis.com>
+Forwarded: https://code.google.com/p/httplib2/issues/detail?id=282
+
+diff -r 93291649202b python2/httplib2/__init__.py
+--- a/python2/httplib2/__init__.py	Tue Mar 26 14:17:48 2013 -0400
++++ b/python2/httplib2/__init__.py	Tue Apr 23 10:32:15 2013 +0300
+@@ -1030,7 +1030,7 @@
+                         raise CertificateHostnameMismatch(
+                             'Server presented certificate that does not match '
+                             'host %s: %s' % (hostname, cert), hostname, cert)
+-            except ssl_SSLError, e:
++            except (ssl_SSLError, CertificateHostnameMismatch), e:
+                 if sock:
+                     sock.close()
+                 if self.sock:
+@@ -1040,7 +1040,7 @@
+                 # to get at more detailed error information, in particular
+                 # whether the error is due to certificate validation or
+                 # something else (such as SSL protocol mismatch).
+-                if e.errno == ssl.SSL_ERROR_SSL:
++                if hasattr(e, 'errno') and e.errno == ssl.SSL_ERROR_SSL:
+                     raise SSLHandshakeError(e)
+                 else:
+                     raise

More information about the Python-modules-commits mailing list