Updated python packages fix security vulnerability
Publication date: 14 Feb 2019Modification date: 14 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-5010
Description
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability (CVE-2019-5010).
References
SRPMS
6/core
- python-2.7.15-1.2.mga6