File _patchinfo of Package patchinfo.328

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.328

<patchinfo>
  <category>security</category>
  <rating>moderate</rating>
  <packager>computersalat</packager>
  <summary>update for python</summary>
  <issue id="863741" tracker="bnc">VUL-0: CVE-2014-1912: python: buffer overflow in socket.recvfrom_into</issue>
  <issue id="CVE-2014-1912" tracker="cve"/>
  <issue id="884075" tracker="bnc">VUL-0: CVE-2014-4616: python: missing boundary check in JSON module</issue>
  <issue id="CVE-2014-4616" tracker="cve" />
  <issue id="885882" tracker="bnc">VUL-0: CVE-2014-4650: python: CGIHTTPServer does not properly handle encoded URL</issue>
  <issue id="CVE-2014-4650" tracker="cve" />
  <issue id="898572" tracker="bnc">VUL-0: CVE-2014-7185: python: potential buffer overflow</issue>
  <issue id="CVE-2014-7185" tracker="cve"></issue>
  <issue id="901715" tracker="bnc">Disable SSL2 by default</issue>

<description>This update fixes the following security issues:

bnc#863741 (CVE-2014-1912): Fixed potential buffer overflow in socket.recvfrom_into
bnc#884075 (CVE-2014-4616): Missing boundary check in JSON module
bnc#885882 (CVE-2014-4650): CGIHTTPServer file disclosure and directory traversal through URL-encoded characters
  remove link count optimizations that are incorrect on btrfs (and possibly other filesystems)
bnc#898572 (CVE-2014-7185): potential wraparound/overflow in buffer()
bnc#901715: Disable SSL2 by default

</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.328

Places