Advisories » MGASA-2013-0376

Updated python3 and related packages fix security vulnerabilities and prevent an error

Publication date: 17 Dec 2013
Modification date: 17 Dec 2013
Type: security
Affected Mageia releases : 3

Description

Changed behavior of ssl.match_hostname() to follow RFC 6125

Also python-virtualenv has had inc_dir settings altered to avoid
"#include nested too deeply" error (mga#11283)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=11283
• https://bugs.mageia.org/show_bug.cgi?id=11785
• http://bugs.python.org/issue17997#msg194950
• https://lists.fedoraproject.org/pipermail/package-announce/2013-November/122682.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1023742

SRPMS

3/core

• python3-3.3.0-4.5.mga3
• python-virtualenv-1.10.1-1.2.mga3
• python-requests-0.13.5-2.2.mga3
• bzr-2.5.1-3.2.mga3
• python-pip-1.3.1-2.2.mga3
• python-tornado-2.3-2.2.mga3
• python-urllib3-1.7.1-1.1.mga3
• python-setuptools-0.9.8-2.2.mga3