Oracle Errata SystemOracle Linux5.32021-09-09T12:47:53
ELSA-2012-0744: python security update (MODERATE)
Oracle Linux 6
[2.6.6-29.el6_2.2]
- if hash randomization is enabled, also enable it within pyexpat
Resolves: CVE-2012-0876
[2.6.6-29.el6_2.1]
- distutils.config: create ~/.pypirc securely
Resolves: CVE-2011-4944
- fix endless loop in SimpleXMLRPCServer upon malformed POST request
Resolves: CVE-2012-0845
- send encoding in SimpleHTTPServer.list_directory to protect IE7 against
potential XSS attacks
Resolves: CVE-2011-4940
- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment
variable, to provide an opt-in way to protect against denial of service
attacks due to hash collisions within the dict and set types
Resolves: CVE-2012-1150
MODERATECopyright 2012 Oracle, Inc.CVE-2011-4940CVE-2011-4944CVE-2012-0845CVE-2012-1150tkinteroraclelinux-releasepythonpython-develpython-libspython-toolspython-test72f97b74ec551f03^6x86_640:2.6.6-29.el6_2.2i686