Overview

File _patchinfo of Package patchinfo.2736

<patchinfo>
  <issue id="637176" tracker="bnc">Python doesn't have the PEP 370 compatible lib64 path</issue>
  <issue id="871152" tracker="bnc">VUL-0: CVE-2014-2667: python3: race in mkdir()</issue>
  <issue id="869222" tracker="bnc">VUL-0: CVE-2013-7338: python: denial of service (endless loop) via corrupted ZIP files</issue>
  <issue id="863741" tracker="bnc">VUL-0: CVE-2014-1912: python: buffer overflow in socket.recvfrom_into</issue>
  <issue id="CVE-2014-2667" tracker="cve" />
  <issue id="CVE-2013-7338" tracker="cve" />
  <issue id="CVE-2014-1912" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>matejcik</packager>
  <description>This python update fixes the following security and non-security issues:

- bnc#869222: Fixed DoS when opening malicious archives (CVE-2013-7338).
- bnc#863741: Fixed buffer overflow in socket.recvfrom_into
  (CVE-2014-1912).
- bnc#871152: Fixed race condition with umask when creating directories 
  with os.mkdirs (CVE-2014-2667).
- bnc#637176: Fixed update multilib patch to handle home install scheme.
</description>
  <summary>update for python3</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places