Mandriva Linux Security Advisory : python-OpenSSL (MDVSA-2013:233)
Medium Nessus Plugin ID 69891
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionA vulnerability has been discovered and corrected in python-OpenSSL :
The string formatting of subjectAltName X509Extension instances in pyOpenSSL before 0.13.1 incorrectly truncated fields of the name when encountering a null byte, possibly allowing man-in-the-middle attacks through certificate spoofing (CVE-2013-4314).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected python-OpenSSL package.