[linux-sparc-announce] LFSSA-2016-0365 Important: Linux for SPARC 1.0 python security update
Announcements for Linux for SPARC
linux-sparc-announce at oss.oracle.com
Thu Sep 29 09:19:01 PDT 2016
Linux for SPARC Security Advisory LFSSA-2016-0365
The following updated rpms for Linux for SPARC 1.0 have been uploaded to
the yum.oracle.com:
sparc64:
python-2.6.6-66.0.2.el6_8.sparc64.rpm
python-devel-2.6.6-66.0.2.el6_8.sparc64.rpm
python-libs-2.6.6-66.0.2.el6_8.sparc64.rpm
python-test-2.6.6-66.0.2.el6_8.sparc64.rpm
python-tools-2.6.6-66.0.2.el6_8.sparc64.rpm
tkinter-2.6.6-66.0.2.el6_8.sparc64.rpm
SRPMS:
http://yum.oracle.com/repo/linux_sparc64/latest/python-2.6.6-66.0.2.el6_8.src.rpm
Description of changes:
[2.6.6-64.0.2]
- Add to with_valgrind_config_opt global to prevent src.rpm from
erroring out
- sys.platform is now always 'linux2' on Linux
[2.6.6-66.0.1]
- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav
Sharma)
[2.6.6-66]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359161
[2.6.6-65]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack
(rhbz#1303647)
Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack
(rhbz#1303699)
Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346354
More information about the linux-sparc-announce
mailing list