* debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch

- Added upstream patch to fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099) (Closes: #709070) Thanks Henri Salo and Jakub Wilk for the report
author: Daniele Tricoli <eriol@mornie.org> 2013-05-20 17:47:59 +0000
committer: Daniele Tricoli <eriol@mornie.org> 2013-05-20 17:47:59 +0000
commit: 2c05e52e60674a2d9240c05330f11875096c6e71 (patch)
tree: 6c552b94f193feadd7e2459bf062d7a6bc801495 /debian/changelog
parent: 3fe56c4651d649b313c1640a795c3545b3972d8b (diff)
download: python-urllib3-2c05e52e60674a2d9240c05330f11875096c6e71.tar
python-urllib3-2c05e52e60674a2d9240c05330f11875096c6e71.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index c659984..cbf79ab 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+python-urllib3 (1.6-2) UNRELEASED; urgency=low
+
+  * debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch
+    - Added upstream patch to fix possible abuse of ssl.match_hostname()
+      for denial of service using certificates with many wildcards
+      (CVE-2013-2099) (Closes: #709070) Thanks Henri Salo and Jakub
+      Wilk for the report
+
+ -- Daniele Tricoli <eriol@mornie.org>  Mon, 20 May 2013 19:34:17 +0200
+
 python-urllib3 (1.6-1) unstable; urgency=low
 
   [ Jakub Wilk ]
author	Daniele Tricoli <eriol@mornie.org>	2013-05-20 17:47:59 +0000
committer	Daniele Tricoli <eriol@mornie.org>	2013-05-20 17:47:59 +0000
commit	2c05e52e60674a2d9240c05330f11875096c6e71 (patch)
tree	6c552b94f193feadd7e2459bf062d7a6bc801495 /debian/changelog
parent	3fe56c4651d649b313c1640a795c3545b3972d8b (diff)
download	python-urllib3-2c05e52e60674a2d9240c05330f11875096c6e71.tar python-urllib3-2c05e52e60674a2d9240c05330f11875096c6e71.tar.gz