* The Python standard library HTTP client modules (such as httplib or
urllib) did not perform verification of TLS/SSL certificates when
connecting to HTTPS servers. A man-in-the-middle attacker could use this
flaw to hijack connections and eavesdrop or modify transferred data.
(CVE-2014-9365)
--