Download
| Alert*
oval:org.secpod.oval:def:38125
python2.7: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:110861 PyPy's implementation of Python 3, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:1600427 It was found that Python"s httplib library did not properly check HTTP header input in HTTPConnection.putheader. An attacker could use this flow to inject additional headers in a Python application that allows user provided header name or values. It was found that Python"s smtplib library did not r ... oval:org.secpod.oval:def:505007 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:501864 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:504911 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:1501555 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:203989 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:1501556 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:89050429 This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk . - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ . - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat . oval:org.secpod.oval:def:110835 PyPy's implementation of Python 3, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:89050320 This update for python fixes the following issues: Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions . oval:org.secpod.oval:def:505076 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:52181 python2.7: An interactive high-level object-oriented language - python3.5: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language - python3.2: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:37884 The host is installed with Python before 2.7.10 or 3.x before 3.4.4 and is prone to a CRLF injection vulnerability. A flaw is present in the application, which fails to properly handle CRLF sequences in a URL. Successful exploitation could allow attackers to inject arbitrary HTTP headers. oval:org.secpod.oval:def:504843 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:203990 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * It ... oval:org.secpod.oval:def:1800750 CVE-2016-0772: smtplib StartTLS stripping attack. CVE-2016-5636: Heap overflow in zipimporter module . CVE-2016-5699: HTTP header injection in urrlib2/urllib/ oval:org.secpod.oval:def:110848 PyPy's implementation of Python 3, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:1800239 CVE-2016-0772: smtplib StartTLS stripping attack. CVE-2016-5636: Heap overflow in zipimporter module . CVE-2016-5699: HTTP header injection in urrlib2/urllib/ oval:org.secpod.oval:def:89045130 This update for python fixes the following issues: - CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack - CVE-2016-5699: incorrect validation of HTTP headers allow header injection - CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding HTTP_PROXY when REQUEST_ ... oval:org.secpod.oval:def:110808 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89045272 This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. - CVE-2016-0772: A vulnerability in s ... |