[El-errata] ELSA-2017-1868 Moderate: Oracle Linux 7 python security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 8 13:42:17 PDT 2017

Oracle Linux Security Advisory ELSA-2017-1868


The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:
- Add Oracle Linux distribution in platform.py [orabug 20812544]

- Set stream to None in case an _open() fails.
Resolves: rhbz#1432003

- Fix implicit declaration warnings of functions added by patches 147 
and 265
Resolves: rhbz#1441237

- Fix shutil.make_archive ignoring empty directories when creating zip files
Resolves: rhbz#1439734

- Update Python RPM macros with new ones from EPEL7 to simplify packaging
Resolves: rhbz#1297522

- Protect key list during fork()
Resolves: rhbz#1268226

- Fix _ssl.c reference leaks
Resolves: rhbz#1272562

- Workaround Python's threading library issue with non returning wait, 
for signals with timeout
Resolves: rhbz#1368076

- Enable certificate verification by default
Resolves: rhbz#1219110

- Fix incorrect parsing of certain regular expressions
Resolves: rhbz#1373363

- Fix ssl module's parsing of GEN_RID subject alternative name fields in 
X.509 certs
Resolves: rhbz#1364444

- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359164

- Fix for CVE-2016-5636: possible integer overflow and heap corruption 
in zipimporter.get_data()
Resolves: rhbz#1356364

- Drop patch 221 that backported sslwrap function since it was 
introducing regressions
- Refactor patch 227
Resolves: rhbz#1331425

- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack 
   Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack 
   Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346357

- Fix iteration over files with very long lines
Resolves: rhbz#1271760

- Move python.conf from /etc/tmpfiles.d/ to /usr/lib/tmpfiles.d/
Resolves: rhbz#1288426

- JSON decoder lone surrogates fix
Resolves: rhbz#1301017

- Updated PEP493 implementation
Resolves: rhbz#1315758

- Backport of Computed Goto dispatch
Resolves: rhbz#1289277

More information about the El-errata mailing list