Create an account

Subscribe to LWN

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

python3: multiple vulnerabilities

Package(s):

python3

CVE #(s):

CVE-2012-1150 CVE-2012-0845 CVE-2011-3389

Created:

May 3, 2012

Updated:

April 5, 2013

Description:

From the Fedora advisory:

Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003) https://bugzilla.redhat.com/show_bug.cgi?id=750555

Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request https://bugzilla.redhat.com/show_bug.cgi?id=789790

Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST) https://bugzilla.redhat.com/show_bug.cgi?id=812068

Alerts:

Fedora	FEDORA-2012-5916	2012-05-03
Fedora	FEDORA-2012-5924	2012-05-06
Fedora	FEDORA-2012-5924	2012-05-06
openSUSE	openSUSE-SU-2012:0667-1	2012-05-30
Red Hat	RHSA-2012:0744-01	2012-06-18
Red Hat	RHSA-2012:0745-01	2012-06-18
CentOS	CESA-2012:0745	2012-06-18
Scientific Linux	SL-pyth-20120618	2012-06-18
Scientific Linux	SL-pyth-20120618	2012-06-18
CentOS	CESA-2012:0744	2012-06-18
Oracle	ELSA-2012-0744	2012-06-19
Oracle	ELSA-2012-0745	2012-06-19
Fedora	FEDORA-2012-9135	2012-06-19
Mandriva	MDVSA-2012:097	2012-06-20
Mandriva	MDVSA-2012:096	2012-06-20
Mandriva	MDVSA-2012:096-1	2012-07-02
Mageia	MGASA-2012-0169	2012-07-19
Mandriva	MDVSA-2012:149	2012-09-01
Ubuntu	USN-1592-1	2012-10-02
Ubuntu	USN-1596-1	2012-10-04
Ubuntu	USN-1613-2	2012-10-17
Ubuntu	USN-1613-1	2012-10-17
Ubuntu	USN-1615-1	2012-10-23
Ubuntu	USN-1616-1	2012-10-24
Gentoo	201301-01	2013-01-07
Mandriva	MDVSA-2013:037	2013-04-05

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds