Stay Connected:

ELSA-2019-3520

ELSA-2019-3520 - python3 security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2019-11-14

Description


[3.6.8-15.1.0.1]
- Add Oracle Linux distribution in platform.py [Orabug: 20812544]

[3.6.8-15.1]
- Patch 329 (FIPS) modified: Added workaround for mod_ssl:
Skip error checking in _Py_hashlib_fips_error
Resolves: rhbz#1760106

[3.6.8-15]
- Patch 329 that adds support for OpenSSL FIPS mode has been improved and
bugfixed
Resolves: rhbz#1744670 rhbz#1745499 rhbz#1745685

[3.6.8-14]
- Adding a new patch 329 that adds support for OpenSSL FIPS mode
- Explicitly listing man pages in files section to fix an RPM warning
Resolves: rhbz#1731424

[3.6.8-13]
- Do not set PHA verify flag on client side (rhbz#1725721)
- Enable TLS 1.3 post-handshake authentication in http.client (rhbz#1671353)

[3.6.8-12]
- Use RPM built wheels of pip and setuptools in ensurepip instead of our rewheel patch
- Require platform-python-setuptools from platform-python-devel to prevent packaging errors
Resolves: rhbz#1701286

[3.6.8-11]
- Fix for CVE-2019-10160
Resolves: rhbz#1689318

[3.6.8-10]
- Security fix for CVE-2019-9948
Resolves: rhbz#1714643

[3.6.8-9]
- Reduced default build flags used to build extension modules
https://fedoraproject.org/wiki/Changes/Python_Extension_Flags
Resolves: rhbz#1634784

[3.6.8-8]
- gzip the unversioned-python man page
Resolves: rhbz#1665514

[3.6.8-7]
- Disallow control chars in http URLs
- Fixes CVE-2019-9740 and CVE-2019-9947
Resolves: rhbz#1704365 and rhbz#1703531

[3.6.8-6]
- Updated fix for CVE-2019-9636 (rhbz#1689318)

[3.6.8-5]
- Security fix for CVE-2019-9636 (rhbz#1689318)


Related CVEs


CVE-2019-9947
CVE-2019-9948
CVE-2019-9740
CVE-2019-5010

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) python3-3.6.8-15.1.0.1.el8.src.rpm5b6ab50e59ebef7c9a43c24a2612579b3d9adda61c47d0d6f4428a47c1efe52f-ol8_aarch64_appstream
python3-3.6.8-15.1.0.1.el8.src.rpm5b6ab50e59ebef7c9a43c24a2612579b3d9adda61c47d0d6f4428a47c1efe52f-ol8_aarch64_baseos_latest
platform-python-3.6.8-15.1.0.1.el8.aarch64.rpm4d32cef524aee498eb5f95351c46871b2706aab89a4637d4dbd16f55f2f8b981-ol8_aarch64_baseos_latest
platform-python-debug-3.6.8-15.1.0.1.el8.aarch64.rpmdce7e261012e71dfe627fe0d8d4af0093673c32c54ceebf77b34cebe7803deb9-ol8_aarch64_appstream
platform-python-devel-3.6.8-15.1.0.1.el8.aarch64.rpmc65095e73d6daf85366bfb7c19708d47a0603d1ecb334456bb2e89b6301db589-ol8_aarch64_appstream
python3-idle-3.6.8-15.1.0.1.el8.aarch64.rpmf77084e3ff3c1f150e4e1f82eff63231639ad0e161d56791073c30441ee79cfc-ol8_aarch64_appstream
python3-libs-3.6.8-15.1.0.1.el8.aarch64.rpm54c1da1560f67d65b366c6e50081af194ecba1279338e41177b77e8e12bbd9c8-ol8_aarch64_baseos_latest
python3-test-3.6.8-15.1.0.1.el8.aarch64.rpmd8c7b65dffecf2af9b6c86bc4d635fdd1b407474d68c33484cbf8a9d572f108b-ol8_aarch64_baseos_latest
python3-tkinter-3.6.8-15.1.0.1.el8.aarch64.rpmbb6c518233b0a9602647744ce0eefe1db46179a01f7400de4878a4695243f43e-ol8_aarch64_appstream
Oracle Linux 8 (x86_64) python3-3.6.8-15.1.0.1.el8.src.rpm5b6ab50e59ebef7c9a43c24a2612579b3d9adda61c47d0d6f4428a47c1efe52f-ol8_x86_64_appstream
python3-3.6.8-15.1.0.1.el8.src.rpm5b6ab50e59ebef7c9a43c24a2612579b3d9adda61c47d0d6f4428a47c1efe52f-ol8_x86_64_baseos_latest
python3-3.6.8-15.1.0.1.el8.src.rpm5b6ab50e59ebef7c9a43c24a2612579b3d9adda61c47d0d6f4428a47c1efe52f-ol8_x86_64_u1_baseos_base
platform-python-3.6.8-15.1.0.1.el8.i686.rpma8d3a13371dcff4a1808f40d904bf857100dc4909ad044493750bfd45b0df2c4-ol8_x86_64_appstream
platform-python-3.6.8-15.1.0.1.el8.x86_64.rpm65cc8bce74f3508e628cf13abf21c1cd453dcb6d79bd80a0e586796c659e05be-ol8_x86_64_baseos_latest
platform-python-3.6.8-15.1.0.1.el8.x86_64.rpm65cc8bce74f3508e628cf13abf21c1cd453dcb6d79bd80a0e586796c659e05be-ol8_x86_64_u1_baseos_base
platform-python-debug-3.6.8-15.1.0.1.el8.i686.rpm76f21a48ae7bd96663ec2145926773e7a533fefda9ea7df5d526f0b6ac409fd6-ol8_x86_64_appstream
platform-python-debug-3.6.8-15.1.0.1.el8.x86_64.rpm7ede441f9d05252724cab2bb0742e09494aaaa0989802ee77ce70abde0923e69-ol8_x86_64_appstream
platform-python-devel-3.6.8-15.1.0.1.el8.i686.rpm63d6c8c9dc351215f44addcd3b122a57ccd1ae04f5d0ee245861d215fba29acd-ol8_x86_64_appstream
platform-python-devel-3.6.8-15.1.0.1.el8.x86_64.rpm78a88642f9c55fa9837050336fe619c74c9ca41d7e8ff567b302697eaf55ada8-ol8_x86_64_appstream
python3-idle-3.6.8-15.1.0.1.el8.i686.rpm9a82790b33526d8ba82e548faec8c110c9ea651096cfcda4ddc2e9f5c804bc7d-ol8_x86_64_appstream
python3-idle-3.6.8-15.1.0.1.el8.x86_64.rpmfccd177d9bd2877046253c21753d343e9fd7a8c2e9e70916633abfc406d211c5-ol8_x86_64_appstream
python3-libs-3.6.8-15.1.0.1.el8.i686.rpm5e3b94eac536552de74672603e39c5532558d2679b9d5f402798e8d3496b2155-ol8_x86_64_baseos_latest
python3-libs-3.6.8-15.1.0.1.el8.i686.rpm5e3b94eac536552de74672603e39c5532558d2679b9d5f402798e8d3496b2155-ol8_x86_64_u1_baseos_base
python3-libs-3.6.8-15.1.0.1.el8.x86_64.rpmddcc3397f58cfec65544d304837511d67d01534d7e9b8ab909c6062a5ed00609-ol8_x86_64_baseos_latest
python3-libs-3.6.8-15.1.0.1.el8.x86_64.rpmddcc3397f58cfec65544d304837511d67d01534d7e9b8ab909c6062a5ed00609-ol8_x86_64_u1_baseos_base
python3-test-3.6.8-15.1.0.1.el8.i686.rpm4b9429f4ab318db22ba596903e0d517652c0963f9c0052b2679870cd0670eea3-ol8_x86_64_appstream
python3-test-3.6.8-15.1.0.1.el8.x86_64.rpmc8251736a1eeeb243fe2aa44d56c22127623230f67f0514842f2e7bce9d623c0-ol8_x86_64_baseos_latest
python3-test-3.6.8-15.1.0.1.el8.x86_64.rpmc8251736a1eeeb243fe2aa44d56c22127623230f67f0514842f2e7bce9d623c0-ol8_x86_64_u1_baseos_base
python3-tkinter-3.6.8-15.1.0.1.el8.i686.rpm555adc0052317c205a7ab519c20e0a61d46f7b142ed082b2ec96ff596b9d2a47-ol8_x86_64_appstream
python3-tkinter-3.6.8-15.1.0.1.el8.x86_64.rpm6683ce0ce5e60213408f3ac5ca56e8a6575cc77bc56b50c8064d9ea82f3fd4e2-ol8_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights