Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
patchinfo.2771
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.2771
<patchinfo incident="2771"> <issue id="984751" tracker="bnc">VUL-1: CVE-2016-0772: python,python3: smtplib StartTLS stripping attack</issue> <issue id="985177" tracker="bnc">VUL-1: CVE-2016-5636: python3,python: Heap overflow in zipimporter module</issue> <issue id="989523" tracker="bnc">VUL-1: CVE-2016-1000110: python,python3: Python CGIHandler: sets environmental variable based on user supplied Proxy request header</issue> <issue id="985348" tracker="bnc">VUL-0: CVE-2016-5699: python,python3: http protocol steam injection attack</issue> <issue tracker="bnc" id="1122191">VUL-0: CVE-2019-5010: python,python3,python27: NULL pointer dereference using a specially crafted X509 certificate causes DOS</issue> <issue id="2016-1000110" tracker="cve" /> <issue id="2016-0772" tracker="cve" /> <issue id="2016-5699" tracker="cve" /> <issue id="2016-5636" tracker="cve" /> <issue id="2019-5010" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>matejcik</packager> <description>This update for python fixes the following issues: Security issues fixed: - CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack (bsc#984751) - CVE-2016-5636: heap overflow when importing malformed zip files (bsc#985177) - CVE-2016-5699: incorrect validation of HTTP headers allow header injection (bsc#985348) - CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_METHOD is also set (bsc#989523) - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191) </description> <summary>Security update for python</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor