Stay Connected:

ELSA-2017-1868

ELSA-2017-1868 - python security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2017-08-07

Description


[2.7.5-58.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]

[2.7.5-58]
- Set stream to None in case an _open() fails.
Resolves: rhbz#1432003

[2.7.5-57]
- Fix implicit declaration warnings of functions added by patches 147 and 265
Resolves: rhbz#1441237

[2.7.5-56]
- Fix shutil.make_archive ignoring empty directories when creating zip files
Resolves: rhbz#1439734

[2.7.5-55]
- Update Python RPM macros with new ones from EPEL7 to simplify packaging
Resolves: rhbz#1297522

[2.7.5-54]
- Protect key list during fork()
Resolves: rhbz#1268226

[2.7.5-53]
- Fix _ssl.c reference leaks
Resolves: rhbz#1272562

[2.7.5-52]
- Workaround Python's threading library issue with non returning wait, for signals with timeout
Resolves: rhbz#1368076

[2.7.5-51]
- Enable certificate verification by default
Resolves: rhbz#1219110

[2.7.5-50]
- Fix incorrect parsing of certain regular expressions
Resolves: rhbz#1373363

[2.7.5-49]
- Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs
Resolves: rhbz#1364444

[2.7.5-48]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359164

[2.7.5-47]
- Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.get_data()
Resolves: rhbz#1356364

[2.7.5-46]
- Drop patch 221 that backported sslwrap function since it was introducing regressions
- Refactor patch 227
Resolves: rhbz#1331425

[2.7.5-45]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack (rhbz#1303647)
Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack (rhbz#1303699)
Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346357

[2.7.5-44]
- Fix iteration over files with very long lines
Resolves: rhbz#1271760

[2.7.5-43]
- Move python.conf from /etc/tmpfiles.d/ to /usr/lib/tmpfiles.d/
Resolves: rhbz#1288426

[2.7.5-42]
- JSON decoder lone surrogates fix
Resolves: rhbz#1301017

[2.7.5-41]
- Updated PEP493 implementation
Resolves: rhbz#1315758

[2.7.5-40]
- Backport of Computed Goto dispatch
Resolves: rhbz#1289277


Related CVEs


CVE-2014-9365

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) python-2.7.5-58.0.1.el7.src.rpm03913271ac081f23455ab2a7327a59fea49a7945a991147d016f0389cf8ffe5fELSA-2023-6885ol7_aarch64_latest
python-2.7.5-58.0.1.el7.src.rpm03913271ac081f23455ab2a7327a59fea49a7945a991147d016f0389cf8ffe5fELSA-2023-6885ol7_aarch64_optional_latest
python-2.7.5-58.0.1.el7.aarch64.rpm402eca56fa3b16cc8efce7b618dc69803637ed7298fee894750800a1c8875684ELSA-2023-6885ol7_aarch64_latest
python-debug-2.7.5-58.0.1.el7.aarch64.rpm5d2079e6207480f73f51551876344ab0c1388be3865852e84ed1d5ba3c9d1060ELSA-2023-6885ol7_aarch64_optional_latest
python-devel-2.7.5-58.0.1.el7.aarch64.rpm0ce36a004091da27a7ead5a3a90f7e6de58ff7440694b3e761b8aedf1756025fELSA-2023-6885ol7_aarch64_latest
python-libs-2.7.5-58.0.1.el7.aarch64.rpm3fb892fdf765b10038d9de6a330f1955a188c314a4c7106b5abe8cb710f724e4ELSA-2023-6885ol7_aarch64_latest
python-test-2.7.5-58.0.1.el7.aarch64.rpm1a6a16c97821210e53a5a9f0a228b88818edd692515729800d993cfdf7469690ELSA-2023-6885ol7_aarch64_optional_latest
python-tools-2.7.5-58.0.1.el7.aarch64.rpm2345f5c526b80ddb47c464dcb306041bc358c573159ba8f563208eccd459dbb4ELSA-2023-6885ol7_aarch64_optional_latest
tkinter-2.7.5-58.0.1.el7.aarch64.rpm3ee02ebc4b5cf9b8971d7eb2e61ee1ffd2476c5ae7e444dea5c8c88e5ca98617ELSA-2023-6885ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64) python-2.7.5-58.0.1.el7.src.rpm03913271ac081f23455ab2a7327a59fea49a7945a991147d016f0389cf8ffe5fELSA-2023-6885ol7_x86_64_latest_archive
python-2.7.5-58.0.1.el7.src.rpm03913271ac081f23455ab2a7327a59fea49a7945a991147d016f0389cf8ffe5fELSA-2023-6885ol7_x86_64_optional_archive
python-2.7.5-58.0.1.el7.src.rpm03913271ac081f23455ab2a7327a59fea49a7945a991147d016f0389cf8ffe5fELSA-2023-6885ol7_x86_64_u4_base
python-2.7.5-58.0.1.el7.x86_64.rpm384504b607c8e51a3f122e18a0051bd0cdcb0ca2ee352a5714eec194ec9133c4ELSA-2023-6885ol7_x86_64_latest_archive
python-2.7.5-58.0.1.el7.x86_64.rpm384504b607c8e51a3f122e18a0051bd0cdcb0ca2ee352a5714eec194ec9133c4ELSA-2023-6885ol7_x86_64_u4_base
python-debug-2.7.5-58.0.1.el7.x86_64.rpma7d64e437942d4b8dd6b44ea15700c740eeb0949110b421e291dfeacdb733016ELSA-2023-6885ol7_x86_64_optional_archive
python-devel-2.7.5-58.0.1.el7.x86_64.rpmf252b5c6600b2e6846f1fb54a079da114723395d718bb3057971eb2f5c3abf70ELSA-2023-6885ol7_x86_64_latest_archive
python-devel-2.7.5-58.0.1.el7.x86_64.rpmf252b5c6600b2e6846f1fb54a079da114723395d718bb3057971eb2f5c3abf70ELSA-2023-6885ol7_x86_64_u4_base
python-libs-2.7.5-58.0.1.el7.i686.rpm3c64978f6b5a6be2f6a5b1aed7cd2db4ab4f808f65e5f4a6bcb91b4fb5720592ELSA-2023-6885ol7_x86_64_latest_archive
python-libs-2.7.5-58.0.1.el7.i686.rpm3c64978f6b5a6be2f6a5b1aed7cd2db4ab4f808f65e5f4a6bcb91b4fb5720592ELSA-2023-6885ol7_x86_64_u4_base
python-libs-2.7.5-58.0.1.el7.x86_64.rpm0aca52e8830aa371322c7088b5c65e18fe2ae05eb97166f491cf4673627cdf41ELSA-2023-6885ol7_x86_64_latest_archive
python-libs-2.7.5-58.0.1.el7.x86_64.rpm0aca52e8830aa371322c7088b5c65e18fe2ae05eb97166f491cf4673627cdf41ELSA-2023-6885ol7_x86_64_u4_base
python-test-2.7.5-58.0.1.el7.x86_64.rpmf8b3564bf138aabc260955d7c72232a3df059138b5f5827499b7618329dad198ELSA-2023-6885ol7_x86_64_optional_archive
python-tools-2.7.5-58.0.1.el7.x86_64.rpm3db04da9ffc3fe66d8ef84502f15dc78cd04e06fc1771cd97c4f17db992de0cfELSA-2023-6885ol7_x86_64_optional_archive
tkinter-2.7.5-58.0.1.el7.x86_64.rpm2c6d883cb877f5eae25c2b14587b86ece916399d77ff1a964d2b8e32058b94b9ELSA-2023-6885ol7_x86_64_optional_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights