[issue37463] socket.inet_aton IP parsing issue in ssl.match_hostname
Riccardo Schirone
report at bugs.python.org
Tue Jul 2 04:49:22 EDT 2019
Riccardo Schirone <rschiron at redhat.com> added the comment:
As far as I know you can't request a hostname with spaces in it (which seems to be a precondition to trigger this bug) so I think an attacker cannot even create a malicious CA that would be mistakenly accepted by match_hostname.
----------
nosy: +rschiron
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue37463>
_______________________________________
More information about the Python-bugs-list
mailing list