Mandriva Linux Security Advisory 2013-214 - Ryan Sleevi of the Google Chrome Security Team has discovered that Python's SSL module doesn't handle NULL bytes inside subjectAltNames general names. This could lead to a breach when an application uses ssl.match_hostname() to match the hostname against the certificate's subjectAltName's dNSName general names.
bef1309c97ca6142e08e1d6ed64b7117003913520e969b3da85863a63dcb4168