MGASA-2016-0230
- Source
- https://advisories.mageia.org/MGASA-2016-0230.html
- Import Source
- https://advisories.mageia.org/MGASA-2016-0230.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2016-0230
- Related
- Published
- 2016-06-22T16:36:39Z
- Modified
- 2016-06-22T16:29:18Z
- Summary
- Updated python packages fix security vulnerabilities
- Details
-
Updated python and python3 packages fixes security vulnerability:
- Heap overflow in zipimporter module (CVE-2016-5636).
- HTTP header injection in urrlib2/urllib/httplib/http.client (CVE-2016-5699).
- smtplib StartTLS stripping attack (CVE-2016-0772).
- References
-
- https://advisories.mageia.org/MGASA-2016-0230.html
- https://bugs.mageia.org/show_bug.cgi?id=18691
- http://openwall.com/lists/oss-security/2016/06/16/1
- http://openwall.com/lists/oss-security/2016/06/16/2
- http://openwall.com/lists/oss-security/2016/06/14/9
- https://bugs.python.org/issue26171
- https://bugs.python.org/issue5124
- https://bugs.python.org/issue22928
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / python
Package
- Name
- python
- Purl
- pkg:rpm/mageia/python?distro=mageia-5
Mageia:5 / python3
Package
- Name
- python3
- Purl
- pkg:rpm/mageia/python3?distro=mageia-5