Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.2770
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.2770
<patchinfo incident="2770"> <issue id="984751" tracker="bnc">VUL-1: CVE-2016-0772: python,python3: smtplib StartTLS stripping attack</issue> <issue id="985177" tracker="bnc">VUL-1: CVE-2016-5636: python3,python: Heap overflow in zipimporter module</issue> <issue id="989523" tracker="bnc">VUL-1: CVE-2016-1000110: python,python3: Python CGIHandler: sets environmental variable based on user supplied Proxy request header</issue> <issue id="985348" tracker="bnc">VUL-0: CVE-2016-5699: python,python3: http protocol steam injection attack</issue> <issue id="2016-1000110" tracker="cve" /> <issue id="2016-0772" tracker="cve" /> <issue id="2016-5699" tracker="cve" /> <issue id="2016-5636" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>matejcik</packager> <description> This update for python fixes the following issues: - CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack (bsc#984751) - CVE-2016-5636: heap overflow when importing malformed zip files (bsc#985177) - CVE-2016-5699: incorrect validation of HTTP headers allow header injection (bsc#985348) - CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_METHOD is also set (bsc#989523) </description> <summary>Security update for python</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor