Blame SOURCES/00237-CVE-2016-0772-smtplib.patch
|
 |
925e6b |
From 5b67aca6fb4246e84981d6361ba218bd52e73ac2 Mon Sep 17 00:00:00 2001
|
|
|
925e6b |
From: Tomas Orsava <torsava@redhat.com>
|
|
|
925e6b |
Date: Tue, 21 Jun 2016 15:52:03 +0200
|
|
|
925e6b |
Subject: [PATCH] Raise an error when STARTTLS fails
|
|
|
925e6b |
|
|
|
925e6b |
CVE-2016-0772 python: smtplib StartTLS stripping attack
|
|
|
925e6b |
rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
|
|
|
925e6b |
|
|
|
925e6b |
Based on an upstream change by Benjamin Peterson <benjamin@python.org>
|
|
|
925e6b |
- in changeset 101886:b3ce713fb9be 2.7
|
|
|
925e6b |
- https://hg.python.org/cpython/rev/b3ce713fb9be
|
|
|
925e6b |
---
|
|
|
925e6b |
Lib/smtplib.py | 5 +++++
|
|
|
925e6b |
1 file changed, 5 insertions(+)
|
|
|
925e6b |
|
|
|
925e6b |
diff --git a/Lib/smtplib.py b/Lib/smtplib.py
|
|
|
925e6b |
index dc16ef6..8bc806b 100755
|
|
|
925e6b |
--- a/Lib/smtplib.py
|
|
|
925e6b |
+++ b/Lib/smtplib.py
|
|
|
925e6b |
@@ -655,6 +655,11 @@ class SMTP:
|
|
|
925e6b |
self.ehlo_resp = None
|
|
|
925e6b |
self.esmtp_features = {}
|
|
|
925e6b |
self.does_esmtp = 0
|
|
|
925e6b |
+ else:
|
|
|
925e6b |
+ # RFC 3207:
|
|
|
925e6b |
+ # 501 Syntax error (no parameters allowed)
|
|
|
925e6b |
+ # 454 TLS not available due to temporary reason
|
|
|
925e6b |
+ raise SMTPResponseException(resp, reply)
|
|
|
925e6b |
return (resp, reply)
|
|
|
925e6b |
|
|
|
925e6b |
def sendmail(self, from_addr, to_addrs, msg, mail_options=[],
|
|
|
925e6b |
--
|
|
|
925e6b |
2.5.5
|
|
|
925e6b |
|