ELSA-2019-3520

ELSA-2019-3520 - python3 security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2019-11-14

Description


[3.6.8-15.1.0.1]
- Add Oracle Linux distribution in platform.py [Orabug: 20812544]

[3.6.8-15.1]
- Patch 329 (FIPS) modified: Added workaround for mod_ssl:
Skip error checking in _Py_hashlib_fips_error
Resolves: rhbz#1760106

[3.6.8-15]
- Patch 329 that adds support for OpenSSL FIPS mode has been improved and
bugfixed
Resolves: rhbz#1744670 rhbz#1745499 rhbz#1745685

[3.6.8-14]
- Adding a new patch 329 that adds support for OpenSSL FIPS mode
- Explicitly listing man pages in files section to fix an RPM warning
Resolves: rhbz#1731424

[3.6.8-13]
- Do not set PHA verify flag on client side (rhbz#1725721)
- Enable TLS 1.3 post-handshake authentication in http.client (rhbz#1671353)

[3.6.8-12]
- Use RPM built wheels of pip and setuptools in ensurepip instead of our rewheel patch
- Require platform-python-setuptools from platform-python-devel to prevent packaging errors
Resolves: rhbz#1701286

[3.6.8-11]
- Fix for CVE-2019-10160
Resolves: rhbz#1689318

[3.6.8-10]
- Security fix for CVE-2019-9948
Resolves: rhbz#1714643

[3.6.8-9]
- Reduced default build flags used to build extension modules
https://fedoraproject.org/wiki/Changes/Python_Extension_Flags
Resolves: rhbz#1634784

[3.6.8-8]
- gzip the unversioned-python man page
Resolves: rhbz#1665514

[3.6.8-7]
- Disallow control chars in http URLs
- Fixes CVE-2019-9740 and CVE-2019-9947
Resolves: rhbz#1704365 and rhbz#1703531

[3.6.8-6]
- Updated fix for CVE-2019-9636 (rhbz#1689318)

[3.6.8-5]
- Security fix for CVE-2019-9636 (rhbz#1689318)


Related CVEs


CVE-2019-9740
CVE-2019-5010
CVE-2019-9947
CVE-2019-9948

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) python3-3.6.8-15.1.0.1.el8.src.rpmee1fe3ed348e38c123648356760a4ab7-
platform-python-3.6.8-15.1.0.1.el8.aarch64.rpm98d1b00e020b2a4a806153f38a9f41de-
platform-python-debug-3.6.8-15.1.0.1.el8.aarch64.rpmfeddc497dd42fe32812a45fa6e9569db-
platform-python-devel-3.6.8-15.1.0.1.el8.aarch64.rpm572bd297e56e85acd2961b8c9db633cd-
python3-idle-3.6.8-15.1.0.1.el8.aarch64.rpm0c8fb67c766975f8c046f442beadd55c-
python3-libs-3.6.8-15.1.0.1.el8.aarch64.rpmd92b82f3eec5a48b2b05ac26310f3c08-
python3-test-3.6.8-15.1.0.1.el8.aarch64.rpm820a47efd99f28440eaae8c61d9751a0-
python3-tkinter-3.6.8-15.1.0.1.el8.aarch64.rpmb3bb5f15b80646ef7c76182032cb6de9-
Oracle Linux 8 (x86_64) python3-3.6.8-15.1.0.1.el8.src.rpmee1fe3ed348e38c123648356760a4ab7-
platform-python-3.6.8-15.1.0.1.el8.i686.rpmeab8dba1728fba7417dbec54a0318924-
platform-python-3.6.8-15.1.0.1.el8.x86_64.rpm9768abf08cc8821a95d605c53c516866-
platform-python-debug-3.6.8-15.1.0.1.el8.i686.rpmac9137dfa2dcc6abea10e77e737311a3-
platform-python-debug-3.6.8-15.1.0.1.el8.x86_64.rpm75af715389ac66d46c84751c9d011376-
platform-python-devel-3.6.8-15.1.0.1.el8.i686.rpmef610b19a1615fd89b72ddeed0e0ea08-
platform-python-devel-3.6.8-15.1.0.1.el8.x86_64.rpma0f508b7390076cf68705c5fbbefd849-
python3-idle-3.6.8-15.1.0.1.el8.i686.rpm9cc5dbb97c011d96fb6162134b62b4dc-
python3-idle-3.6.8-15.1.0.1.el8.x86_64.rpmfbbbd2b48c15cc2a249120d7231222e7-
python3-libs-3.6.8-15.1.0.1.el8.i686.rpmdddb2321eda3b6af9dd20ff097b368a5-
python3-libs-3.6.8-15.1.0.1.el8.x86_64.rpm1f9f7e34d080a097c47bc3e6d7ff0663-
python3-test-3.6.8-15.1.0.1.el8.i686.rpm685f14551fc6e73ee0471799aec06b95-
python3-test-3.6.8-15.1.0.1.el8.x86_64.rpm44aeb437d781ea6ead30b82a34ce8786-
python3-tkinter-3.6.8-15.1.0.1.el8.i686.rpm7e138a9b681db5f1ad14c3404ab49d69-
python3-tkinter-3.6.8-15.1.0.1.el8.x86_64.rpm7739b095f564147d1b54c0d0e323637d-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete