FEDORA-2016-e37f15a5f4 — security update for python

stable

python-2.7.10-10.fc22

FEDORA-2016-e37f15a5f4 created by torsava 6 years ago for Fedora 22

Security fix for CVE-2016-0772

Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2016-e37f15a5f4

This update has been submitted for testing by torsava.

6 years ago

This update has obsoleted python-2.7.10-9.fc22, and has inherited its bugs and notes.

6 years ago

This update has been pushed to testing.

6 years ago

filiperosset commented & provided feedback 6 years ago

karma

no regressions noted

greenfeld commented & provided feedback 6 years ago

karma

Basic python usage works

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

6 years ago

This update has been submitted for stable by cstratak.

6 years ago

churchyard provided feedback 6 years ago

karma

BZ#1303647 CVE-2016-0772 python: smtplib StartTLS stripping attack

BZ#1346344 CVE-2016-0772 python: smtplib StartTLS stripping attack [fedora-all]

BZ#1345858 CVE-2016-5636 python: Heap overflow in zipimporter module [fedora-all]

This update has been pushed to stable.

6 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Builds

python-2.7.10-10.fc22

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

6 years ago

in testing

6 years ago

in stable

6 years ago

BZ#1303647 CVE-2016-0772 python: smtplib StartTLS stripping attack

BZ#1345858 CVE-2016-5636 python: Heap overflow in zipimporter module [fedora-all]

BZ#1346344 CVE-2016-0772 python: smtplib StartTLS stripping attack [fedora-all]

python-2.7.10-10.fc22

Automated Test Results

None