authorDaniele Tricoli <eriol@mornie.org>2013-10-16 15:41:44 +0000
committerDaniele Tricoli <eriol@mornie.org>2013-10-16 15:41:44 +0000
commit15384d2e7d6e2b53844824e998da2923dc6e7b21 (patch)
tree1a17b396c7e735ba2ab21fe539c3ef382aeb06af /debian/patches
parent0f2d7121bbe94b1b68683ad8c52bee5960d61b7c (diff)
Removed 06_fix_abuse_of_match_hostname_for_DoS.patch since fixed upstream
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch26
1 files changed, 0 insertions, 26 deletions
diff --git a/debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch b/debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch
deleted file mode 100644
index 57a4c06..0000000
--- a/debian/patches/06_fix_abuse_of_match_hostname_for_DoS.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Description: Fix possible abuse of ssl.match_hostname() for denial
- of service using certificates with many wildcards (CVE-2013-2099)
-Origin: http://hg.python.org/cpython/rev/c627638753e2
-Bug: http://bugs.python.org/issue17980
-Bug-Debian: http://bugs.debian.org/709070
-
---- a/urllib3/packages/ssl_match_hostname/__init__.py
-+++ b/urllib3/packages/ssl_match_hostname/__init__.py
-@@ -7,9 +7,16 @@
- class CertificateError(ValueError):
- pass
-
--def _dnsname_to_pat(dn):
-+def _dnsname_to_pat(dn, max_wildcards=1):
- pats = []
- for frag in dn.split(r'.'):
-+ if frag.count('*') > max_wildcards:
-+ # Issue #17980: avoid denials of service by refusing more
-+ # than one wildcard per fragment. A survery of established
-+ # policy among SSL implementations showed it to be a
-+ # reasonable choice.
-+ raise CertificateError(
-+ "too many wildcards in certificate DNS name: " + repr(dn))
- if frag == '*':
- # When '*' is a fragment by itself, it matches a non-empty dotless
- # fragment.