[El-errata] ELSA-2016-1626 Moderate: Oracle Linux 7 python security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 18 13:30:09 PDT 2016
Oracle Linux Security Advisory ELSA-2016-1626
http://linux.oracle.com/errata/ELSA-2016-1626.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
python-2.7.5-38.0.1.el7_2.x86_64.rpm
python-debug-2.7.5-38.0.1.el7_2.x86_64.rpm
python-devel-2.7.5-38.0.1.el7_2.x86_64.rpm
python-libs-2.7.5-38.0.1.el7_2.i686.rpm
python-libs-2.7.5-38.0.1.el7_2.x86_64.rpm
python-test-2.7.5-38.0.1.el7_2.x86_64.rpm
python-tools-2.7.5-38.0.1.el7_2.x86_64.rpm
tkinter-2.7.5-38.0.1.el7_2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-2.7.5-38.0.1.el7_2.src.rpm
Description of changes:
[2.7.5-38.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]
[2.7.5-38]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359163
[2.7.5-37]
- Force all child threads to terminate in TestForkInThread
Resolves: rhbz#1365200
[2.7.5-36]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack
(rhbz#1303647)
Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack
(rhbz#1303699)
Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346356
[2.7.5-35]
- Adjusted tests to acknowledge lack of SSLv2 support
Resolves: rhbz#1351584
More information about the El-errata
mailing list