Lucene search
OracleLinuxELSA-2019-3520HistoryNov 14, 2019 - 12:00 a.m.
python3 security and bug fix update
2019-11-1400:00:00
linux.oracle.com
44
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
[3.6.8-15.1.0.1]
- Add Oracle Linux distribution in platform.py [Orabug: 20812544]
[3.6.8-15.1] - Patch 329 (FIPS) modified: Added workaround for mod_ssl:
Skip error checking in _Py_hashlib_fips_error
Resolves: rhbz#1760106
[3.6.8-15] - Patch 329 that adds support for OpenSSL FIPS mode has been improved and
bugfixed
Resolves: rhbz#1744670 rhbz#1745499 rhbz#1745685
[3.6.8-14] - Adding a new patch 329 that adds support for OpenSSL FIPS mode
- Explicitly listing man pages in files section to fix an RPM warning
Resolves: rhbz#1731424
[3.6.8-13] - Do not set PHA verify flag on client side (rhbz#1725721)
- Enable TLS 1.3 post-handshake authentication in http.client (rhbz#1671353)
[3.6.8-12] - Use RPM built wheels of pip and setuptools in ensurepip instead of our rewheel patch
- Require platform-python-setuptools from platform-python-devel to prevent packaging errors
Resolves: rhbz#1701286
[3.6.8-11] - Fix for CVE-2019-10160
Resolves: rhbz#1689318
[3.6.8-10] - Security fix for CVE-2019-9948
Resolves: rhbz#1714643
[3.6.8-9] - Reduced default build flags used to build extension modules
https://fedoraproject.org/wiki/Changes/Python_Extension_Flags
Resolves: rhbz#1634784
[3.6.8-8] - gzip the unversioned-python man page
Resolves: rhbz#1665514
[3.6.8-7] - Disallow control chars in http URLs
- Fixes CVE-2019-9740 and CVE-2019-9947
Resolves: rhbz#1704365 and rhbz#1703531
[3.6.8-6] - Updated fix for CVE-2019-9636 (rhbz#1689318)
[3.6.8-5] - Security fix for CVE-2019-9636 (rhbz#1689318)
Related
debian
debian
[SECURITY] [DLA 1834-1] python2.7 security update
2019-06-25 03:40:12
[SECURITY] [DLA 2337-1] python2.7 security update
2020-08-22 14:48:43
[SECURITY] [DLA 1835-1] python3.4 security update
2019-06-25 03:40:34
oraclelinux
oraclelinux
python security and bug fix update
2019-08-13 00:00:00
python security update
2019-06-13 00:00:00
python27:2.7 security and bug fix update
2019-11-14 00:00:00
nessus
nessus
Debian DLA-1834-1 : python2.7 security update
2019-06-25 00:00:00
CentOS 8 : python3 (CESA-2019:3520)
2021-01-29 00:00:00
RHEL 8 : python3 (RHSA-2019:3520)
2019-11-06 00:00:00
openvas
openvas
Debian LTS: Security Advisory for python2.7 (DLA-1834-1)
2019-06-26 00:00:00
Fedora Update for python3 FEDORA-2019-60a1defcd1
2019-08-05 00:00:00
Fedora Update for python3 FEDORA-2019-ec26883852
2019-05-28 00:00:00
redhat
redhat
(RHSA-2019:3520) Moderate: python3 security and bug fix update
2019-11-05 17:55:39
(RHSA-2019:2030) Moderate: python security and bug fix update
2019-08-06 07:52:47
(RHSA-2019:1700) Important: python27-python security update
2019-07-08 10:38:49
fedora
fedora
[SECURITY] Fedora 29 Update: python3-3.7.4-1.fc29
2019-08-05 01:41:23
[SECURITY] Fedora 29 Update: python3-3.7.3-3.fc29
2019-05-27 03:24:11
[SECURITY] Fedora 29 Update: python3-docs-3.7.4-1.fc29
2019-08-05 01:41:24
osv
osv
python2.7 - security update
2019-06-24 00:00:00
python2.7 - security update
2020-08-22 00:00:00
python3.4 - security update
2019-06-24 00:00:00
gentoo
gentoo
Python: Multiple vulnerabilities
2020-03-15 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2019-09-10 00:00:00
Python vulnerabilities
2019-09-09 00:00:00
cloudfoundry
cloudfoundry
USN-4127-1: Python vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Python affect IBM Operations Analytics Predictive Insights (CVE-2019-9948, CVE-2019-9947)
2020-02-28 16:52:51
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Cloud Foundry - Python (CVE-2019-9947, CVE-2019-9948)
2020-01-02 14:17:55
Security Bulletin: Vulnerabilities in python affects IBM Watson Studio Local
2019-12-20 21:38:39
amazon
amazon
Important: python27
2019-08-07 23:02:00
Medium: python27
2019-06-25 21:32:00
Important: python34
2019-11-19 17:31:00
centos
centos
python, tkinter security update
2019-08-30 04:00:52
python, tkinter security update
2019-06-24 17:07:31
mageia
mageia
Updated python packages fix security vulnerabilities
2019-11-08 02:36:48
prion
prion
Crlf injection
2019-03-23 18:29:00
Authentication flaw
2019-06-07 18:29:00
cve
cve
CVE-2019-9947
2019-03-23 18:29:00
CVE-2019-10160
2019-06-07 18:29:00
freebsd
freebsd
python 3.6 -- multiple vulnerabilities
2019-03-13 00:00:00
python 3.7 -- multiple vulnerabilities
2019-03-13 00:00:00
debiancve
debiancve
CVE-2019-9947
2019-03-23 18:29:00
CVE-2019-10160
2019-06-07 18:29:00
redhatcve
redhatcve
ubuntucve
ubuntucve
suse
suse
Security update for python (important)
2019-06-18 00:00:00
Security update for python (important)
2019-08-15 00:00:00
Security update for python (important)
2019-04-25 00:00:00
veracode
veracode
Information Disclosure
2019-06-24 00:20:59
CRLF Injection
2020-08-06 21:34:27
f5
f5
K57542514 : Python vulnerabilities CVE-2019-9636 and CVE-2019-10160
2020-09-16 00:00:00
slackware
slackware
[slackware-security] python
2019-10-20 20:16:04
almalinux
almalinux
Moderate: python27:2.7 security and bug fix update
2019-11-05 17:32:12
rocky
rocky
python27:2.7 security and bug fix update
2019-11-05 17:32:12
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
Related for ELSA-2019-3520