Commit Graph

1 Commits

Author SHA1 Message Date
Miro Hrončok
092bdc18b3 Fix for CVE-2016-0772 and CVE-2016-5699
Fix for: CVE-2016-0772 python: smtplib StartTLS stripping attack
- Raise an error when STARTTLS fails
- rhbz#1303647: https://bugzilla.redhat.com/show_bug.cgi?id=1303647
- rhbz#1351680: https://bugzilla.redhat.com/show_bug.cgi?id=1351680
- Fixed upstream: https://hg.python.org/cpython/rev/d590114c2394

Fix for: CVE-2016-5699 python: http protocol steam injection attack
- rhbz#1303699: https://bugzilla.redhat.com/show_bug.cgi?id=1303699
- rhbz#1351687: https://bugzilla.redhat.com/show_bug.cgi?id=1351687
- Fixed upstream: https://hg.python.org/cpython/rev/bf3e1c9b80e9
2016-07-01 15:59:13 +02:00