rpms / python2-pip

Clone
Source Code
GIT

Blame SOURCES/CVE-2019-11324.patch

c8-beta-stream-2.7 c8-containeronly-stream-flatpak c8-stream-2.7 c8s-stream-2.7
  1.   bd5b0ed562ebff2c0387a7a709dcef5a7ab1eee2
  2.   SOURCES
  3.   CVE-2019-11324.patch
Blob History Raw
bd5b0e 
From 54e768a6dbe3cadeb456dea37bbeaf6e1e17e87c Mon Sep 17 00:00:00 2001
bd5b0e 
From: Lumir Balhar <lbalhar@redhat.com>
bd5b0e 
Date: Thu, 9 Jan 2020 10:47:27 +0100
bd5b0e 
Subject: [PATCH] CVE-2019-11324 Certification mishandle when error should be
bd5b0e 
 thrown
bd5b0e
bd5b0e 
---
bd5b0e 
 util/ssl_.py | 2 +-
bd5b0e 
 1 file changed, 1 insertion(+), 1 deletion(-)
bd5b0e
bd5b0e 
diff --git a/util/ssl_.py b/util/ssl_.py
bd5b0e 
index 32fd9ed..f9f12ff 100644
bd5b0e 
--- a/util/ssl_.py
bd5b0e 
+++ b/util/ssl_.py
bd5b0e 
@@ -319,7 +319,7 @@ def ssl_wrap_socket(sock, keyfile=None, certfile=None, cert_reqs=None,
bd5b0e 
             if e.errno == errno.ENOENT:
bd5b0e 
                 raise SSLError(e)
bd5b0e 
             raise
bd5b0e 
-    elif getattr(context, 'load_default_certs', None) is not None:
bd5b0e 
+    elif ssl_context is None and hasattr(context, 'load_default_certs'):
bd5b0e 
         # try to load OS default certs; works well on Windows (require Python3.4+)
bd5b0e 
         context.load_default_certs()
bd5b0e
bd5b0e 
--
bd5b0e 
2.24.1
bd5b0e

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation