| |||||||||||||||||||
Oracle alert ELSA-2012-0744 (python)
Oracle Linux Security Advisory ELSA-2012-0744 https://rhn.redhat.com/errata/RHSA-2012-0744.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: python-2.6.6-29.el6_2.2.i686.rpm python-devel-2.6.6-29.el6_2.2.i686.rpm python-libs-2.6.6-29.el6_2.2.i686.rpm python-test-2.6.6-29.el6_2.2.i686.rpm python-tools-2.6.6-29.el6_2.2.i686.rpm tkinter-2.6.6-29.el6_2.2.i686.rpm x86_64: python-2.6.6-29.el6_2.2.x86_64.rpm python-devel-2.6.6-29.el6_2.2.x86_64.rpm python-libs-2.6.6-29.el6_2.2.x86_64.rpm python-test-2.6.6-29.el6_2.2.x86_64.rpm python-tools-2.6.6-29.el6_2.2.x86_64.rpm tkinter-2.6.6-29.el6_2.2.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/python-2.6.6-29.e... Description of changes: [2.6.6-29.el6_2.2] - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 [2.6.6-29.el6_2.1] - distutils.config: create ~/.pypirc securely Resolves: CVE-2011-4944 - fix endless loop in SimpleXMLRPCServer upon malformed POST request Resolves: CVE-2012-0845 - send encoding in SimpleHTTPServer.list_directory to protect IE7 against potential XSS attacks Resolves: CVE-2011-4940 - oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types Resolves: CVE-2012-1150 _______________________________________________ El-errata mailing list El-errata@oss.oracle.com http://oss.oracle.com/mailman/listinfo/el-errata (Log in to post comments)
|
|||||||||||||||||||