Advisories » MGASA-2018-0004

Updated python/python3 packages fix security vulnerability

Publication date: 01 Jan 2018
Modification date: 01 Jan 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-1000158

Description

It was discovered that Python incorrectly handled decoding certain strings.
An attacker could possibly use this issue to execute arbitrary code
(CVE-2017-1000158).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22103
• https://usn.ubuntu.com/usn/usn-3496-1/
• https://usn.ubuntu.com/usn/usn-3496-3/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158

SRPMS

5/core

• python-2.7.9-2.5.mga5
• python3-3.4.3-1.6.mga5

6/core

• python-2.7.13-1.1.mga6
• python3-3.5.3-1.1.mga6