[El-errata] ELSA-2016-1626 Moderate: Oracle Linux 6 python security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 18 13:30:21 PDT 2016
Oracle Linux Security Advisory ELSA-2016-1626
http://linux.oracle.com/errata/ELSA-2016-1626.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
python-2.6.6-66.0.1.el6_8.i686.rpm
python-devel-2.6.6-66.0.1.el6_8.i686.rpm
python-libs-2.6.6-66.0.1.el6_8.i686.rpm
python-test-2.6.6-66.0.1.el6_8.i686.rpm
python-tools-2.6.6-66.0.1.el6_8.i686.rpm
tkinter-2.6.6-66.0.1.el6_8.i686.rpm
x86_64:
python-2.6.6-66.0.1.el6_8.x86_64.rpm
python-devel-2.6.6-66.0.1.el6_8.i686.rpm
python-devel-2.6.6-66.0.1.el6_8.x86_64.rpm
python-libs-2.6.6-66.0.1.el6_8.i686.rpm
python-libs-2.6.6-66.0.1.el6_8.x86_64.rpm
python-test-2.6.6-66.0.1.el6_8.x86_64.rpm
python-tools-2.6.6-66.0.1.el6_8.x86_64.rpm
tkinter-2.6.6-66.0.1.el6_8.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/python-2.6.6-66.0.1.el6_8.src.rpm
Description of changes:
[2.6.6-66.0.1]
- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav
Sharma)
[2.6.6-66]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359161
[2.6.6-65]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack
(rhbz#1303647)
Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack
(rhbz#1303699)
Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346354
More information about the El-errata
mailing list