Upstream information

CVE-2013-4314 at MITRE

Description

The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.
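The embedded-NUL problem described above, as an added example that is not pyOpenSSL's or SUSE's code: a standard-library Python parser for a DER-encoded subjectAltName value that keeps each dNSName as length-delimited bytes, rejects entries containing NUL or other non-printable bytes, and shows what a NUL-terminated string consumer would see for the same entry. All function names and the sample bytes are constructed for illustration.

```python
# Added example (standard library only); names and sample bytes are constructed.

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def san_dns_names(ext_value):
    """Return the raw bytes of every dNSName in a GeneralNames SEQUENCE."""
    tag, body, end = _read_tlv(ext_value, 0)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("expected exactly one GeneralNames SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        tag, value, pos = _read_tlv(body, pos)
        if tag == 0x82:  # context tag [2], IA5String: dNSName
            names.append(value)
    return names

def audit_san(ext_value):
    """Split dNSNames into (accepted text, rejected raw bytes)."""
    accepted, rejected = [], []
    for raw in san_dns_names(ext_value):
        # Keep the length-delimited bytes; NUL, space, control or 8-bit bytes fail.
        if raw and all(0x21 <= b <= 0x7E for b in raw):
            accepted.append(raw.decode("ascii"))
        else:
            rejected.append(raw)
    return accepted, rejected

def c_string_view(raw):
    """What a NUL-terminated string consumer sees for the same bytes."""
    return raw.split(b"\x00", 1)[0].decode("ascii", "replace")

# Constructed sample: one clean name, one with an embedded NUL.
_NAMES = [b"www.example.com", b"www.example.com\x00.test.invalid"]
_BODY = b"".join(bytes([0x82, len(n)]) + n for n in _NAMES)
SAMPLE_SAN = bytes([0x30, len(_BODY)]) + _BODY
```

A certificate whose `audit_san` result has any rejected entry should fail validation outright rather than being matched on the remaining names.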

SUSE information

CVSS v2 Scores (National Vulnerability Database)
Base Score: 4.30
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Access Vector: Network
Access Complexity: Medium
Authentication: None
Confidentiality Impact: None
Integrity Impact: Partial
Availability Impact: None
SUSE Bugzilla entry: 839107 [ASSIGNED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • python-pyOpenSSL >= 0.14-1.7
Patchnames:
SUSE Linux Enterprise Desktop 12 GA python-pyOpenSSL
SUSE Linux Enterprise Desktop 12 SP1
  • python-pyOpenSSL >= 0.14-1.7
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA python-pyOpenSSL
SUSE Linux Enterprise Desktop 12 SP2
  • python-pyOpenSSL >= 16.0.0-2.3.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA python-pyOpenSSL
SUSE Linux Enterprise Server 12
  • python-pyOpenSSL >= 0.14-1.7
Patchnames:
SUSE Linux Enterprise Server 12 GA python-pyOpenSSL
SUSE Linux Enterprise Server 12 SP1
  • python-pyOpenSSL >= 0.14-1.7
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA python-pyOpenSSL
SUSE Linux Enterprise Server 12 SP2
  • python-pyOpenSSL >= 16.0.0-2.3.2
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA python-pyOpenSSL
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • python-pyOpenSSL >= 16.0.0-2.3.2
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA python-pyOpenSSL
SUSE OpenStack Cloud 2.0
  • python-pyOpenSSL >= 0.13.1-0.7.1
Patchnames:
sleclo20sp3-python-pyOpenSSL
SUSE Cloud 2.0
  • python-pyOpenSSL >= 0.13.1-0.7.1
Builds
SAT Patch Nr: 8481
openSUSE 13.2
  • python-pyOpenSSL >= 0.13.1-9.1.4
Patchnames:
openSUSE 13.2 GA python-pyOpenSSL
openSUSE Evergreen 11.4
  • python-openssl >= 0.11-6.1
  • python-openssl-debuginfo >= 0.11-6.1
  • python-openssl-debugsource >= 0.11-6.1
Patchnames:
2014-40
openSUSE Leap 42.1
  • python-pyOpenSSL >= 0.14-5.2
Patchnames:
openSUSE Leap 42.1 GA python-pyOpenSSL
openSUSE Leap 42.2
  • python-pyOpenSSL >= 16.0.0-1.1
Patchnames:
openSUSE Leap 42.2 GA python-pyOpenSSL
openSUSE Tumbleweed
  • python-pyOpenSSL >= 16.2.0-1.3
  • python-pyOpenSSL-doc >= 16.2.0-1.3
Patchnames:
openSUSE Tumbleweed GA python-pyOpenSSL