[El-errata] ELSA-2012-0745 Moderate: Oracle Linux 5 python security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jun 19 09:05:03 PDT 2012


Oracle Linux Security Advisory ELSA-2012-0745

https://rhn.redhat.com/errata/RHSA-2012-0745.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
python-2.4.3-46.el5_8.2.i386.rpm
python-devel-2.4.3-46.el5_8.2.i386.rpm
python-libs-2.4.3-46.el5_8.2.i386.rpm
python-tools-2.4.3-46.el5_8.2.i386.rpm
tkinter-2.4.3-46.el5_8.2.i386.rpm

x86_64:
python-2.4.3-46.el5_8.2.x86_64.rpm
python-devel-2.4.3-46.el5_8.2.i386.rpm
python-devel-2.4.3-46.el5_8.2.x86_64.rpm
python-libs-2.4.3-46.el5_8.2.x86_64.rpm
python-tools-2.4.3-46.el5_8.2.x86_64.rpm
tkinter-2.4.3-46.el5_8.2.x86_64.rpm

ia64:
python-2.4.3-46.el5_8.2.ia64.rpm
python-devel-2.4.3-46.el5_8.2.ia64.rpm
python-libs-2.4.3-46.el5_8.2.i386.rpm
python-libs-2.4.3-46.el5_8.2.ia64.rpm
python-tools-2.4.3-46.el5_8.2.ia64.rpm
tkinter-2.4.3-46.el5_8.2.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/python-2.4.3-46.el5_8.2.src.rpm


Description of changes:

[2.4.3-46.el5_8.2]
- if hash randomization is enabled, also enable it within pyexpat
Resolves: CVE-2012-0876

[2.4.3-46.el5_8.1]
- distutils.commands.register: create ~/.pypirc securely
Resolves: CVE-2011-4944
- send encoding in SimpleHTTPServer.list_directory to protect IE7 against
potential XSS attacks
Resolves: CVE-2011-4940
- oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment
variable, to provide an opt-in way to protect against denial of service
attacks due to hash collisions within the dict and set types
Resolves: CVE-2012-1150





More information about the El-errata mailing list