File _patchinfo of Package patchinfo.5493

<patchinfo incident="5493">
  <issue id="951166" tracker="bnc">python3 upstream issue #21121</issue>
  <issue id="985177" tracker="bnc">VUL-1: CVE-2016-5636: python3,python: Heap overflow in zipimporter module</issue>
  <issue id="985348" tracker="bnc">VUL-0: CVE-2016-5699: python,python3: http protocol steam injection attack</issue>
  <issue id="984751" tracker="bnc">VUL-1: CVE-2016-0772: python,python3: smtplib StartTLS stripping attack</issue>
  <issue id="989523" tracker="bnc">VUL-1: CVE-2016-1000110: python,python3: Python CGIHandler: sets environmental variable based on user supplied Proxy request header</issue>
  <issue id="935856" tracker="bnc">python: python3: The Logjam Attack / weakdh.org</issue>
  <issue id="983582" tracker="bnc">Python3 issues with distributed version 3.4.1</issue>
  <issue id="2014-4650" tracker="cve" />
  <issue id="2016-1000110" tracker="cve" />
  <issue id="2016-0772" tracker="cve" />
  <issue id="2016-5699" tracker="cve" />
  <issue id="2016-5636" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>frispete</packager>
  <description>
This update for python3 fixes the following issues:

- apply fix for CVE-2016-1000110 - CGIHandler: sets environmental
  variable based on user supplied Proxy request header
  (fixes boo#989523, CVE-2016-1000110)

- update to 3.4.5
  check: https://docs.python.org/3.4/whatsnew/changelog.html
  (fixes boo#984751, CVE-2016-0772)
  (fixes boo#985177, CVE-2016-5636)
  (fixes boo#985348, CVE-2016-5699)


- Bump DH parameters to 2048 bit to fix logjam security issue. boo#935856


- apply fix for CVE-2016-1000110 - CGIHandler: sets environmental
  variable based on user supplied Proxy request header:
  (fixes boo#989523, CVE-2016-1000110)

</description>
  <summary>Security update for python3</summary>
</patchinfo>