Overview

File _patchinfo of Package patchinfo.10011

<patchinfo incident="10011">
  <issue tracker="bnc" id="1109847">VUL-0: CVE-2018-14647: python,python3,python27: Missing salt initialization in _elementtree.c module</issue>
  <issue tracker="bnc" id="1122191">VUL-0: CVE-2019-5010: python,python3,python27: NULL pointer dereference using a specially crafted X509 certificate causes DOS</issue>
  <issue tracker="bnc" id="1073748">Segfault in libpython2.7.so.1</issue>
  <issue tracker="cve" id="2019-5010"/>
  <issue tracker="cve" id="2018-14647"/>
  <category>security</category>
  <rating>important</rating>
  <packager>mcepl</packager>
  <description>This update for python fixes the following issues:

Security issues fixed:

- CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191).
- CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847).

Non-security issue fixed:

- Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748).
</description>
  <summary>Security update for python</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places