Security update for python
This update for python fixes the following issues:
The following security vulnerabilities were addressed:
- Add a check to Lib/wave.py that verifies that at least one channel is
provided. Prior to this, attackers could cause a denial of service via a
crafted wav format audio file. [bsc#1083507, CVE-2017-18207]
This update was imported from the SUSE:SLE-12-SP1:Update update project.
-
Submitted by
Peter Simons (psimons)
Fixed bugs
bnc#1083507
VUL-0: CVE-2017-18207: python,python3: The Wave_read._read_fmt_chunk function in Lib/wave.py does not ensure a nonzero channel value, which allows attackers to cause a denial of service
