Fedora alert FEDORA-2012-5916 (python3)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 15 Update: python3-3.2.3-1.fc15 | |
| Date: | Thu, 03 May 2012 07:28:39 +0000 | |
| Message-ID: | <20120503072840.2B4CF20C99@bastion01.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-5916 2012-04-14 22:42:20 -------------------------------------------------------------------------------- Name : python3 Product : Fedora 15 Version : 3.2.3 Release : 1.fc15 URL : http://www.python.org/ Summary : Version 3 of the Python programming language aka Python 3000 Description : Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. -------------------------------------------------------------------------------- Update Information: Rebase of Python 3 ("python3") from 3.2 to 3.2.3 bringing in security fixes, along with other bugfixes. See http://python.org/download/releases/3.2.3/ -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 12 2012 David Malcolm <dmalcolm@redhat.com> - 3.2.3-1 - 3.2.3; refresh patch 6 (no static lib), patch 102 (lib64) and patch 129 (test_subprocess); fix test_gdb (patches 152 and 153); regenerate the autotool intermediates patch (patch 300); run unit tests verbosely; add support for skipping unit tests in rpmbuild (patch 132), use it to skip a specific urllib test (patch 154) * Sun Oct 9 2011 Daniel Drake <dsd@laptop.org> - 3.2-3 - don't run test_openpty and test_pty in %check - exclude failing tests on ARM * Tue Apr 19 2011 David Malcolm <dmalcolm@redhat.com> - 3.2-2 - fix the libpython.stp systemtap tapset (rhbz#697730) -------------------------------------------------------------------------------- References: [ 1 ] Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003) https://bugzilla.redhat.com/show_bug.cgi?id=750555 [ 2 ] Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request https://bugzilla.redhat.com/show_bug.cgi?id=789790 [ 3 ] Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST) https://bugzilla.redhat.com/show_bug.cgi?id=812068 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python3' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...