Mandriva Linux Security Advisory : python (MDVSA-2013:214)
Medium Nessus Plugin ID 69439
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated python packages fix security vulnerability :
Ryan Sleevi of the Google Chrome Security Team has discovered that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. This could lead to a breach when an application uses ssl.match_hostname() to match the hostname againt the certificate's subjectAltName's dNSName general names. (CVE-2013-4238).
SolutionUpdate the affected packages.