High severityNVD Advisory· Published Oct 8, 2018· Updated Aug 5, 2024
CVE-2018-1000807
CVE-2018-1000807
Description
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Use-after-free vulnerability in pyOpenSSL X509 object handling before version 17.5.0 could allow denial of service or remote code execution.
Vulnerability
A use-after-free vulnerability exists in pyOpenSSL's handling of X509 objects in versions prior to 17.5.0 [1][2]. The issue is categorized as CWE-416 and occurs when an application retains a reference to memory that has already been freed [1].
Exploitation
Exploitation depends on the calling application and whether it retains a reference to the freed memory [1]. An attacker may trigger the vulnerability remotely via specially crafted input, leading to a crash or potentially arbitrary code execution [4].
Impact
Successfully exploiting the use-after-free can result in denial of service (application crash) or remote code execution with the privileges of the affected application [1][4]. The exact impact varies based on how the memory is reused after being freed.
Mitigation
The vulnerability is fixed in pyOpenSSL version 17.5.0 [2][3]. Red Hat issued RHSA-2019:0085 for Red Hat OpenStack Platform 13.0 [3], and Ubuntu published USN-3813-1 in November 2018 [4]. Users should upgrade to 17.5.0 or later.
References
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pyopensslPyPI | < 17.5.0 | 17.5.0 |
Affected products
251- ghsa-coords251 versionspkg:pypi/pyopensslpkg:rpm/suse/ardana-ansible&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-ansible&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-cobbler&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-cobbler&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-db&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-db&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-osconfig&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-osconfig&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-service&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-service&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-ses&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-ses&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/ardana-tempest&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/ardana-tempest&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/crowbar-core&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-ha&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/crowbar-openstack&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-hpe-helion-openstack-installation&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-operations&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-opsconsole&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-planning&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-security&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-hpe-helion-openstack-user&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/documentation-suse-openstack-cloud-deployment&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-installation&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-operations&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-opsconsole&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-planning&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-security&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-supplement&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-admin&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/documentation-suse-openstack-cloud-upstream-user&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/documentation-suse-openstack-cloud-user&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/galera-python-clustercheck&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/galera-python-clustercheck&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/galera-python-clustercheck&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-dashboard&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-dashboard&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-dashboard&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-ec2-api&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-ec2-api&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-ec2-api&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-heat&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-heat-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-heat-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-heat-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-heat-templates&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-heat-templates&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-horizon-plugin-ironic-ui&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-horizon-plugin-ironic-ui&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-horizon-plugin-ironic-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-horizon-plugin-magnum-ui&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-horizon-plugin-magnum-ui&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-horizon-plugin-magnum-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-horizon-plugin-sahara-ui&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-horizon-plugin-sahara-ui&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-horizon-plugin-sahara-ui&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-ironic&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-ironic-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-ironic-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-ironic-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-keystone&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-keystone-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-keystone-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-keystone-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-magnum&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-magnum-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-magnum-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-magnum-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-manila&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-manila-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-manila-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-manila-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-api&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-api&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-api&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-notification&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-notification&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-persister&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-persister&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-murano&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-murano-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-murano-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-murano-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron-fwaas&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron-fwaas&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron-fwaas&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-neutron-fwaas-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-neutron-fwaas-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-neutron-fwaas-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-nova-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-nova-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-octavia&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-sahara&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-sahara-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-sahara-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-sahara-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-swift&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-swift-doc&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-swift-doc&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-swift-doc&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-tempest&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-tempest&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-cinderclient&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-cinderclient&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-cinderclient&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-cryptography&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-cryptography&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-cryptography&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-cryptography&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-cryptography&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-cryptography&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-monasca-common&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-monasca-common&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-monasca-common&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-os-brick&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/python-os-brick&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/python-os-brick&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/python-pyOpenSSL&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/python-setuptools&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSSpkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/python-setuptools&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%206-LTSSpkg:rpm/suse/python-setuptools&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/venv-openstack-aodh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-aodh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-freezer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-freezer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-horizon-hpe&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-trove&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-trove&distro=SUSE%20OpenStack%20Cloud%208
< 17.5.0+ 250 more
- (no CPE)range: < 17.5.0
- (no CPE)range: < 8.0+git.1553878455.7439e04-3.58.2
- (no CPE)range: < 8.0+git.1553878455.7439e04-3.58.2
- (no CPE)range: < 8.0+git.1550694449.df88054-3.35.2
- (no CPE)range: < 8.0+git.1550694449.df88054-3.35.2
- (no CPE)range: < 8.0+git.1550589454.df2e733-3.22.2
- (no CPE)range: < 8.0+git.1550589454.df2e733-3.22.2
- (no CPE)range: < 8.0+git.1552935705.e9a92b3-3.9.2
- (no CPE)range: < 8.0+git.1552935705.e9a92b3-3.9.2
- (no CPE)range: < 8.0+git.1551748668.7427826-1.15.2
- (no CPE)range: < 8.0+git.1551748668.7427826-1.15.2
- (no CPE)range: < 8.0+git.1551113207.9f1db17-3.27.2
- (no CPE)range: < 8.0+git.1551113207.9f1db17-3.27.2
- (no CPE)range: < 8.0+git.1551718533.227cb9e-3.26.2
- (no CPE)range: < 8.0+git.1551718533.227cb9e-3.26.2
- (no CPE)range: < 8.0+git.1553890679.8a50307-3.14.2
- (no CPE)range: < 8.0+git.1553890679.8a50307-3.14.2
- (no CPE)range: < 8.0+git.1552503158.6b6b195-3.33.2
- (no CPE)range: < 8.0+git.1552503158.6b6b195-3.33.2
- (no CPE)range: < 8.0+git.1551382173.a81d5e1-3.23.2
- (no CPE)range: < 8.0+git.1551382173.a81d5e1-3.23.2
- (no CPE)range: < 8.0+git.1554145115.63a4cf2-1.17.2
- (no CPE)range: < 8.0+git.1554145115.63a4cf2-1.17.2
- (no CPE)range: < 8.0+git.1551502730.f4d219d-3.24.2
- (no CPE)range: < 8.0+git.1551502730.f4d219d-3.24.2
- (no CPE)range: < 8.0+git.1554307220.ed24e63-3.18.2
- (no CPE)range: < 8.0+git.1554307220.ed24e63-3.18.2
- (no CPE)range: < 5.0+git.1552461227.43e65d269-3.20.2
- (no CPE)range: < 5.0+git.1551088826.010c0399-3.12.2
- (no CPE)range: < 5.0+git.1553248675.7e103ea-3.14.2
- (no CPE)range: < 5.0+git.1554709170.195ba0e26-4.22.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 8.20190329-1.14.2
- (no CPE)range: < 0.0+git.1506329536.8f5878c-4.3.2
- (no CPE)range: < 0.0+git.1506329536.8f5878c-4.3.2
- (no CPE)range: < 0.0+git.1506329536.8f5878c-4.3.2
- (no CPE)range: < 12.0.4~dev5-3.17.3
- (no CPE)range: < 12.0.4~dev5-3.17.3
- (no CPE)range: < 12.0.4~dev5-3.17.3
- (no CPE)range: < 5.0.1~dev10-4.6.2
- (no CPE)range: < 5.0.1~dev10-4.6.2
- (no CPE)range: < 5.0.1~dev10-4.6.2
- (no CPE)range: < 9.0.6~dev17-3.15.3
- (no CPE)range: < 9.0.6~dev17-3.15.3
- (no CPE)range: < 9.0.6~dev17-3.15.3
- (no CPE)range: < 9.0.6~dev17-3.15.2
- (no CPE)range: < 9.0.6~dev17-3.15.2
- (no CPE)range: < 9.0.6~dev17-3.15.2
- (no CPE)range: < 0.0.0+git.1553459627.948e8cc-3.9.2
- (no CPE)range: < 0.0.0+git.1553459627.948e8cc-3.9.2
- (no CPE)range: < 0.0.0+git.1553459627.948e8cc-3.9.2
- (no CPE)range: < 3.0.4~dev3-3.6.2
- (no CPE)range: < 3.0.4~dev3-3.6.2
- (no CPE)range: < 3.0.4~dev3-3.6.2
- (no CPE)range: < 3.0.1~dev9-3.6.2
- (no CPE)range: < 3.0.1~dev9-3.6.2
- (no CPE)range: < 3.0.1~dev9-3.6.2
- (no CPE)range: < 7.0.4~dev1-3.6.2
- (no CPE)range: < 7.0.4~dev1-3.6.2
- (no CPE)range: < 7.0.4~dev1-3.6.2
- (no CPE)range: < 9.1.7~dev7-3.15.3
- (no CPE)range: < 9.1.7~dev7-3.15.3
- (no CPE)range: < 9.1.7~dev7-3.15.3
- (no CPE)range: < 9.1.7~dev7-3.15.2
- (no CPE)range: < 9.1.7~dev7-3.15.2
- (no CPE)range: < 9.1.7~dev7-3.15.2
- (no CPE)range: < 12.0.3~dev1-5.16.3
- (no CPE)range: < 12.0.3~dev1-5.16.3
- (no CPE)range: < 12.0.3~dev1-5.16.3
- (no CPE)range: < 12.0.3~dev1-5.16.2
- (no CPE)range: < 12.0.3~dev1-5.16.2
- (no CPE)range: < 12.0.3~dev1-5.16.2
- (no CPE)range: < 5.0.2~dev31-4.12.3
- (no CPE)range: < 5.0.2~dev31-4.12.3
- (no CPE)range: < 5.0.2~dev31-4.12.3
- (no CPE)range: < 5.0.2~dev31-4.12.2
- (no CPE)range: < 5.0.2~dev31-4.12.2
- (no CPE)range: < 5.0.2~dev31-4.12.2
- (no CPE)range: < 5.0.4~dev17-3.15.3
- (no CPE)range: < 5.0.4~dev17-3.15.3
- (no CPE)range: < 5.0.4~dev17-3.15.3
- (no CPE)range: < 5.0.4~dev17-3.15.2
- (no CPE)range: < 5.0.4~dev17-3.15.2
- (no CPE)range: < 5.0.4~dev17-3.15.2
- (no CPE)range: < 2.2.1~dev25-3.9.3
- (no CPE)range: < 2.2.1~dev25-3.9.3
- (no CPE)range: < 2.2.1~dev25-3.9.3
- (no CPE)range: < 1.10.2~dev2-3.6.3
- (no CPE)range: < 1.10.2~dev2-3.6.3
- (no CPE)range: < 1.10.2~dev2-3.6.3
- (no CPE)range: < 1.7.1~dev8-3.6.3
- (no CPE)range: < 1.7.1~dev8-3.6.3
- (no CPE)range: < 1.7.1~dev8-3.6.3
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 4.0.1~dev5-3.6.2
- (no CPE)range: < 11.0.7~dev100-3.15.3
- (no CPE)range: < 11.0.7~dev100-3.15.3
- (no CPE)range: < 11.0.7~dev100-3.15.3
- (no CPE)range: < 11.0.7~dev100-3.15.2
- (no CPE)range: < 11.0.7~dev100-3.15.2
- (no CPE)range: < 11.0.7~dev100-3.15.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 11.0.2~dev8-3.11.2
- (no CPE)range: < 16.1.8~dev53-3.20.3
- (no CPE)range: < 16.1.8~dev53-3.20.3
- (no CPE)range: < 16.1.8~dev53-3.20.3
- (no CPE)range: < 16.1.8~dev53-3.20.2
- (no CPE)range: < 16.1.8~dev53-3.20.2
- (no CPE)range: < 16.1.8~dev53-3.20.2
- (no CPE)range: < 1.0.5~dev1-4.15.2
- (no CPE)range: < 1.0.5~dev1-4.15.2
- (no CPE)range: < 1.0.5~dev1-4.15.2
- (no CPE)range: < 7.0.4~dev1-3.9.3
- (no CPE)range: < 7.0.4~dev1-3.9.3
- (no CPE)range: < 7.0.4~dev1-3.9.3
- (no CPE)range: < 7.0.4~dev1-3.9.2
- (no CPE)range: < 7.0.4~dev1-3.9.2
- (no CPE)range: < 7.0.4~dev1-3.9.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 2.15.2~dev32-3.6.2
- (no CPE)range: < 17.0.0-4.6.2
- (no CPE)range: < 17.0.0-4.6.2
- (no CPE)range: < 17.0.0-4.6.2
- (no CPE)range: < 3.1.1-3.3.2
- (no CPE)range: < 3.1.1-3.3.2
- (no CPE)range: < 3.1.1-3.3.2
- (no CPE)range: < 2.0.3-3.7.2
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 1.3.1-7.13.4
- (no CPE)range: < 2.0.3-3.7.2
- (no CPE)range: < 2.0.3-3.7.2
- (no CPE)range: < 2.3.1~dev4-4.6.2
- (no CPE)range: < 2.3.1~dev4-4.6.2
- (no CPE)range: < 2.3.1~dev4-4.6.2
- (no CPE)range: < 1.15.8-3.3.2
- (no CPE)range: < 1.15.8-3.3.2
- (no CPE)range: < 1.15.8-3.3.2
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 17.1.0-4.26.1
- (no CPE)range: < 17.1.0-4.29.1
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 17.1.0-4.26.1
- (no CPE)range: < 17.1.0-4.29.1
- (no CPE)range: < 16.0.0-4.11.3
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 18.0.1-4.8.1
- (no CPE)range: < 5.1.1~dev6-12.14.3
- (no CPE)range: < 5.1.1~dev6-12.14.3
- (no CPE)range: < 5.0.2~dev2-12.15.3
- (no CPE)range: < 5.0.2~dev2-12.15.3
- (no CPE)range: < 9.0.7~dev2-12.12.3
- (no CPE)range: < 9.0.7~dev2-12.12.3
- (no CPE)range: < 11.1.2~dev58-14.15.3
- (no CPE)range: < 11.1.2~dev58-14.15.3
- (no CPE)range: < 5.0.3~dev6-12.13.3
- (no CPE)range: < 5.0.3~dev6-12.13.3
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.10.3
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.10.3
- (no CPE)range: < 15.0.2~dev9-12.13.3
- (no CPE)range: < 15.0.2~dev9-12.13.3
- (no CPE)range: < 9.0.6~dev17-12.15.3
- (no CPE)range: < 9.0.6~dev17-12.15.3
- (no CPE)range: < 12.0.4~dev5-14.20.3
- (no CPE)range: < 12.0.4~dev5-14.20.3
- (no CPE)range: < 9.1.7~dev7-12.15.3
- (no CPE)range: < 9.1.7~dev7-12.15.3
- (no CPE)range: < 12.0.3~dev1-11.15.3
- (no CPE)range: < 12.0.3~dev1-11.15.3
- (no CPE)range: < 5.0.2-11.13.1
- (no CPE)range: < 5.0.2-11.13.1
- (no CPE)range: < 5.0.4~dev17-12.17.3
- (no CPE)range: < 5.0.4~dev17-12.17.3
- (no CPE)range: < 1.5.1-8.9.1
- (no CPE)range: < 1.5.1-8.9.1
- (no CPE)range: < 2.2.1-11.11.1
- (no CPE)range: < 2.2.1-11.11.1
- (no CPE)range: < 4.0.1-12.9.1
- (no CPE)range: < 4.0.1-12.9.1
- (no CPE)range: < 11.0.2-13.17.1
- (no CPE)range: < 11.0.2-13.17.1
- (no CPE)range: < 16.1.8~dev53-11.16.3
- (no CPE)range: < 16.1.8~dev53-11.16.3
- (no CPE)range: < 1.0.5~dev1-12.15.3
- (no CPE)range: < 1.0.5~dev1-12.15.3
- (no CPE)range: < 7.0.4~dev1-11.14.3
- (no CPE)range: < 7.0.4~dev1-11.14.3
- (no CPE)range: < 2.15.2-11.9.1
- (no CPE)range: < 2.15.2-11.9.1
- (no CPE)range: < 8.0.1~dev12-11.14.3
- (no CPE)range: < 8.0.1~dev12-11.14.3
Patches
1e73818600065fix a memory leak and a potential UAF and also #722 (#723)
6 files changed · +36 −11
CHANGELOG.rst+3 −3 modified@@ -11,7 +11,7 @@ The third digit is only for regressions. Backward-incompatible changes: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -*none* +* The minimum ``cryptography`` version is now 2.1.4. Deprecations: @@ -23,8 +23,8 @@ Deprecations: Changes: ^^^^^^^^ - -*none* +- Fixed a potential use-after-free in the verify callback and resolved a memory leak when loading PKCS12 files with ``cacerts``. + `#723 <https://github.com/pyca/pyopenssl/pull/723>`_ ----
setup.py+1 −1 modified@@ -95,7 +95,7 @@ def find_meta(meta): package_dir={"": "src"}, install_requires=[ # Fix cryptographyMinimum in tox.ini when changing this! - "cryptography>=1.9", + "cryptography>=2.1.4", "six>=1.5.2" ], extras_require={
src/OpenSSL/crypto.py+3 −4 modified@@ -3058,8 +3058,7 @@ def load_pkcs12(buffer, passphrase=None): pycert = None friendlyname = None else: - pycert = X509.__new__(X509) - pycert._x509 = _ffi.gc(cert[0], _lib.X509_free) + pycert = X509._from_raw_x509_ptr(cert[0]) friendlyname_length = _ffi.new("int*") friendlyname_buffer = _lib.X509_alias_get0( @@ -3073,8 +3072,8 @@ def load_pkcs12(buffer, passphrase=None): pycacerts = [] for i in range(_lib.sk_X509_num(cacerts)): - pycacert = X509.__new__(X509) - pycacert._x509 = _lib.sk_X509_value(cacerts, i) + x509 = _lib.sk_X509_value(cacerts, i) + pycacert = X509._from_raw_x509_ptr(x509) pycacerts.append(pycacert) if not pycacerts: pycacerts = None
src/OpenSSL/SSL.py+3 −2 modified@@ -309,8 +309,9 @@ def __init__(self, callback): @wraps(callback) def wrapper(ok, store_ctx): - cert = X509.__new__(X509) - cert._x509 = _lib.X509_STORE_CTX_get_current_cert(store_ctx) + x509 = _lib.X509_STORE_CTX_get_current_cert(store_ctx) + _lib.X509_up_ref(x509) + cert = X509._from_raw_x509_ptr(x509) error_number = _lib.X509_STORE_CTX_get_error(store_ctx) error_depth = _lib.X509_STORE_CTX_get_error_depth(store_ctx)
tests/test_ssl.py+25 −0 modified@@ -1279,6 +1279,31 @@ def callback(self, connection, *args): assert verify.connection is clientConnection + def test_x509_in_verify_works(self): + """ + We had a bug where the X509 cert instantiated in the callback wrapper + didn't __init__ so it was missing objects needed when calling + get_subject. This test sets up a handshake where we call get_subject + on the cert provided to the verify callback. + """ + serverContext = Context(TLSv1_METHOD) + serverContext.use_privatekey( + load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)) + serverContext.use_certificate( + load_certificate(FILETYPE_PEM, cleartextCertificatePEM)) + serverConnection = Connection(serverContext, None) + + def verify_cb_get_subject(conn, cert, errnum, depth, ok): + assert cert.get_subject() + return 1 + + clientContext = Context(TLSv1_METHOD) + clientContext.set_verify(VERIFY_PEER, verify_cb_get_subject) + clientConnection = Connection(clientContext, None) + clientConnection.set_connect_state() + + handshake_in_memory(clientConnection, serverConnection) + def test_set_verify_callback_exception(self): """ If the verify callback passed to `Context.set_verify` raises an
tox.ini+1 −1 modified@@ -10,7 +10,7 @@ extras = deps = coverage>=4.2 cryptographyMaster: git+https://github.com/pyca/cryptography.git - cryptographyMinimum: cryptography<=1.9 + cryptographyMinimum: cryptography==2.1.4 setenv = # Do not allow the executing environment to pollute the test environment # with extra packages.
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.htmlghsavendor-advisoryWEB
- access.redhat.com/errata/RHSA-2019:0085ghsavendor-advisoryWEB
- github.com/advisories/GHSA-p28m-34f6-967qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1000807ghsaADVISORY
- usn.ubuntu.com/3813-1/mitrevendor-advisory
- github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509ghsaWEB
- github.com/pyca/pyopenssl/pull/723ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/pyopenssl/PYSEC-2018-23.yamlghsaWEB
- usn.ubuntu.com/3813-1ghsaWEB
News mentions
0No linked articles in our index yet.