Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2013:1582
HistoryNov 26, 2013 - 1:32 p.m.

python, tkinter security update

2013-11-2613:32:42
CentOS Project
lists.centos.org
45

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.1%

JSON

CentOS Errata and Security Advisory CESA-2013:1582

Python is an interpreted, interactive, object-oriented programming
language.

A flaw was found in the way the Python SSL module handled X.509 certificate
fields that contain a NULL byte. An attacker could potentially exploit this
flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that
to exploit this issue, an attacker would need to obtain a carefully crafted
certificate signed by an authority that the client trusts. (CVE-2013-4238)

These updated python packages include numerous bug fixes and one
enhancement. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical
Notes, linked to in the References, for information on the most significant
of these changes.

All users of python are advised to upgrade to these updated packages, which
fix these issues and add this enhancement.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2013-November/027326.html

Affected packages:
python
python-devel
python-libs
python-test
python-tools
tkinter

Upstream details at:
https://access.redhat.com/errata/RHSA-2013:1582

OSVersionArchitecturePackageVersionFilename
CentOS6i686python<ย 2.6.6-51.el6python-2.6.6-51.el6.i686.rpm
CentOS6i686python-devel<ย 2.6.6-51.el6python-devel-2.6.6-51.el6.i686.rpm
CentOS6i686python-libs<ย 2.6.6-51.el6python-libs-2.6.6-51.el6.i686.rpm
CentOS6i686python-test<ย 2.6.6-51.el6python-test-2.6.6-51.el6.i686.rpm
CentOS6i686python-tools<ย 2.6.6-51.el6python-tools-2.6.6-51.el6.i686.rpm
CentOS6i686tkinter<ย 2.6.6-51.el6tkinter-2.6.6-51.el6.i686.rpm
CentOS6x86_64python<ย 2.6.6-51.el6python-2.6.6-51.el6.x86_64.rpm
CentOS6x86_64python-devel<ย 2.6.6-51.el6python-devel-2.6.6-51.el6.x86_64.rpm
CentOS6x86_64python-libs<ย 2.6.6-51.el6python-libs-2.6.6-51.el6.x86_64.rpm
CentOS6x86_64python-test<ย 2.6.6-51.el6python-test-2.6.6-51.el6.x86_64.rpm
Rows per page:
1-10 of 121

Related

nessus 33
openvas 44
oraclelinux 1
redhat 2
ubuntu 4
fedora 10
securityvulns 2
cve 2
ubuntucve 1
osv 4
f5 2
debian 2
amazon 2
prion 2
seebug 1
mageia 2
veracode 1
debiancve 1
vmware 2
ibm 1
suse 1
nessus
nessus
Fedora 19 : python3-3.3.2-6.fc19 (2013-15254)
2013-08-28 00:00:00
Scientific Linux Security Update : python on SL6.x i386/x86_64 (20131121)
2013-12-04 00:00:00
Fedora 19 : python-2.7.5-4.fc19 (2013-15146)
2013-08-25 00:00:00
openvas
openvas
Python 2.6.x < 2.6.9, 2.7.x < 2.7.6, 3.2.x < 3.2.6, 3.3.x < 3.3.3 SSL NULL Byte Vulnerability (bpo-18709) - Linux
2021-11-02 00:00:00
RedHat Update for python RHSA-2013:1582-02
2013-11-21 00:00:00
Fedora Update for python FEDORA-2013-15146
2013-08-27 00:00:00
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2013-11-26 00:00:00
redhat
redhat
(RHSA-2013:1582) Moderate: python security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
ubuntu
ubuntu
Python 2.6 vulnerability
2013-10-01 00:00:00
Python 2.7 vulnerabilities
2013-10-01 00:00:00
Python 3.3 vulnerabilities
2013-10-01 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: python-2.7.5-4.fc19
2013-08-24 22:27:19
[SECURITY] Fedora 19 Update: python3-3.3.2-8.fc19
2013-11-26 04:01:31
[SECURITY] Fedora 19 Update: python3-3.3.2-6.fc19
2013-08-27 23:35:51
securityvulns
securityvulns
Python SSL certificate check bypass
2013-10-02 00:00:00
NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
2014-12-11 00:00:00
cve
cve
CVE-2013-4238
2013-08-18 02:52:00
CVE-2013-4328
2013-08-27 03:34:00
ubuntucve
ubuntucve
CVE-2013-4238
2013-08-17 00:00:00
osv
osv
python2.7 - security update
2014-03-17 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
f5
f5
SOL15638 - Python vulnerability CVE-2013-4238
2014-09-29 00:00:00
K15638 : Python vulnerability CVE-2013-4238
2014-10-17 00:00:00
debian
debian
[SECURITY] [DSA 2880-1] python2.7 security update
2014-03-17 18:07:37
[DLA 25-1] python2.6 security update
2014-07-31 21:07:32
amazon
amazon
Medium: python27
2013-09-04 13:31:00
Medium: python26
2013-11-03 12:09:00
prion
prion
Design/Logic Flaw
2013-08-18 02:52:00
Design/Logic Flaw
2013-08-27 03:34:00
seebug
seebug
Pythonๅคšไธชๅฎ‰ๅ…จๆผๆดž
2013-12-30 00:00:00
mageia
mageia
Updated python3, bzr and some python packages fix security vulnerabilties
2013-08-22 21:58:14
Updated python packages fix CVE-2013-4328 and pip
2013-08-17 12:43:24
veracode
veracode
Man-in-the-Middle (MitM)
2019-01-15 08:51:35
debiancve
debiancve
CVE-2013-4238
2013-08-18 02:52:00
vmware
vmware
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in python 2.6.4 used in OS Image for AIX shipped with IBM Cloud Pak System
2020-05-06 11:57:04
suse
suse
Security update for python3 (important)
2020-01-21 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.1%

JSON
Related for CESA-2013:1582
nessus33openvas44oraclelinux1redhat2ubuntu4fedora10securityvulns2cve2ubuntucve1osv4f52debian2amazon2prion2seebug1mageia2veracode1debiancve1vmware2ibm1suse1