f1894aa779
Raise an error when STARTTLS fails - rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647 - rhbz#1351679: https://bugzilla.redhat.com/show_bug.cgi?id=1351679 - Fixed upstream: https://hg.python.org/cpython/rev/b3ce713fb9be
36 lines
1.2 KiB
Diff
36 lines
1.2 KiB
Diff
From 935f806ae382a45620873dea0eafc536c9e01323 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
|
|
Date: Thu, 30 Jun 2016 14:51:24 +0200
|
|
Subject: [PATCH] Raise an error when STARTTLS fails
|
|
|
|
CVE-2016-0772 python: smtplib StartTLS stripping attack
|
|
rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
|
|
rhbz#1351679: https://bugzilla.redhat.com/show_bug.cgi?id=1351679
|
|
|
|
Based on an upstream change by Benjamin Peterson <benjamin@python.org>
|
|
- in changeset 101886:b3ce713fb9be 2.7
|
|
- https://hg.python.org/cpython/rev/b3ce713fb9be
|
|
---
|
|
lib-python/2.7/smtplib.py | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/lib-python/2.7/smtplib.py b/lib-python/2.7/smtplib.py
|
|
index 8388b98..e1651c0 100755
|
|
--- a/lib-python/2.7/smtplib.py
|
|
+++ b/lib-python/2.7/smtplib.py
|
|
@@ -656,6 +656,11 @@ class SMTP:
|
|
self.ehlo_resp = None
|
|
self.esmtp_features = {}
|
|
self.does_esmtp = 0
|
|
+ else:
|
|
+ # RFC 3207:
|
|
+ # 501 Syntax error (no parameters allowed)
|
|
+ # 454 TLS not available due to temporary reason
|
|
+ raise SMTPResponseException(resp, reply)
|
|
return (resp, reply)
|
|
|
|
def sendmail(self, from_addr, to_addrs, msg, mail_options=[],
|
|
--
|
|
2.9.0
|
|
|