openSUSE Security Update : tomcat (openSUSE-2016-1056) (httpoxy)

This update for tomcat fixes the following issues : - CVE-2016-3092: Usage of vulnerable FileUpload package can result in denial of service. bsc986359 - CVE-2016-5388: Setting HTTPPROXY environment variable via Proxy header. bsc988489 This update was imported from the SUSE:SLE-12-SP1:Update...

SUSE-SU-2016:2229-1 Security update for tomcat6

This update for tomcat6 fixes the following issue: - CVE-2016-5388 Setting HTTPPROXY environment variable via Proxy header bsc988489...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2016:2090-1) (httpoxy)

This update for apache2 fixes the following issues : - It used to be possible to set an arbitrary $HTTPPROXY environment variable for request handlers -- like CGI scripts -- by including a specially crafted HTTP header in the request CVE-2016-5387. As a result, these server components would...

Amazon Linux AMI : python34 / python27,python26 (ALAS-2016-741) (httpoxy)

It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP...

Medium: python34, python27, python26

Issue Overview: It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a...

Scientific Linux Security Update : python on SL6.x, SL7.x i386/x86_64 (20160818) (httpoxy)

Security Fixes : - It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via ...

CentOS 6 / 7 : python (CESA-2016:1626) (httpoxy)

An update for python is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 6 : Red Hat JBoss Web Server 3.0.3 Service Pack 1 (RHSA-2016:1636) (httpoxy)

Updated packages that provide Red Hat JBoss Web Server 3.0.3 Service Pack 1 and fixes two security issues and a bug with ajp processors are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

RHEL 6 / 7 : python (RHSA-2016:1626) (httpoxy)

An update for python is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CentOS Update for python CESA-2016:1626 centos7

Check the version of python SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882545";...

RedHat Update for python RHSA-2016:1626-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: python33-python security update

An update for python33-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Moderate: Red Hat Security Advisory: rh-python34-python security update

An update for rh-python34-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: python27-python security update

An update for python27-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

Moderate: Red Hat Security Advisory: rh-python35-python security update

An update for rh-python35-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Amazon Linux AMI : golang (ALAS-2016-731) (httpoxy)

An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable 'HTTPPROXY' using the incoming 'Proxy' HTTP-request header. The environment variable 'HTTPPROXY' is used by numerous web clients, including Go's net/http package,...

Medium: golang

Issue Overview: An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTPPROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTPPROXY" is used by numerous web clients, including Go's...

CentOS 7 : php (CESA-2016:1613) (httpoxy)

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

openSUSE Security Update : go (openSUSE-2016-979) (httpoxy)

This update addresses a security issue affecting code statically linked with go : - CVE-2016-5386: A remote attacker could set the HTTPPROXY environment variable via Proxy header bsc988487 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

RHEL 7 : php (RHSA-2016:1613) (httpoxy)

An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...