Advisories ยป MGASA-2016-0230

Updated python packages fix security vulnerabilities

Publication date: 22 Jun 2016
Modification date: 22 Jun 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0772 , CVE-2016-5636 , CVE-2016-5699

Description

Updated python and python3 packages fixes security vulnerability:

- Heap overflow in zipimporter module (CVE-2016-5636).
- HTTP header injection in urrlib2/urllib/httplib/http.client (CVE-2016-5699).
- smtplib StartTLS stripping attack (CVE-2016-0772).
                

References

SRPMS

5/core