Описание
ELSA-2011-0492: python security update (MODERATE)
[2.4.3-44]
- add patch adapted from upstream (patch 208) to add support for building against system expat; add --with-system-expat to configure invocation; remove embedded copy of expat-1.95.8 from the source tree during prep
- ensure pyexpat.so gets built by explicitly listing all C modules in the payload in %files, rather than using dynfiles Resolves: CVE-2009-3720
- backport three security fixes to 2.4 (patches 209, 210, 211): Resolves: CVE-2011-1521 Resolves: CVE-2011-1015 Resolves: CVE-2010-3493
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
python
2.4.3-44.el5
python-devel
2.4.3-44.el5
python-libs
2.4.3-44.el5
python-tools
2.4.3-44.el5
tkinter
2.4.3-44.el5
Oracle Linux x86_64
python
2.4.3-44.el5
python-devel
2.4.3-44.el5
python-libs
2.4.3-44.el5
python-tools
2.4.3-44.el5
tkinter
2.4.3-44.el5
Oracle Linux i386
python
2.4.3-44.el5
python-devel
2.4.3-44.el5
python-libs
2.4.3-44.el5
python-tools
2.4.3-44.el5
tkinter
2.4.3-44.el5
Связанные CVE
Связанные уязвимости
ELSA-2011-0554: python security, bug fix, and enhancement update (MODERATE)
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6 ...