64 matches found
[SECURITY] Fedora 27 Update: python35-3.5.6-3.fc27
Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...
CVE-2018-14647
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming...
PT-2018-1947 · Libexpat +7 · Expat +7
Name of the Vulnerable Software and Affected Versions: Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15 Description: The issue is related to Python's elementtree C accelerator failing to initialize Expat's hash salt during initialization...
[SECURITY] Fedora 28 Update: python35-3.5.6-1.fc28
Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 27 Update: python35-3.5.6-1.fc27
Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...
The Firmware Analysis and Comparison Tool: FACT
The Firmware Analysis and Comparison Tool (formerly known as Fraunhofer’s Firmware Analysis Framework, FAF) is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and processes several analyses. Additionally, it can compare several images or single files...
[SECURITY] Fedora 26 Update: python35-3.5.4-2.fc26
Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 27 Update: python35-3.5.4-2.fc27
Python 3.5 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.5, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 27 Update: python-sanic-0.6.0-1.fc27
Sanic is a Flask-like Python 3.5+ web server that's written to go fast. It's based on the work done by the amazing folks at magicstack, and was inspired by this article: https://magic.io/blog/uvloop-blazing-fast-python-networking/. On top of being Flask-like, Sanic supports async request handlers...
CVE-2014-4616
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function...
Run HTTP Flood DDoS Attacks: Wreckuests
Stress Testing: Run HTTP Flood DDoS Attacks. Wreckuests is a script, which allows you to run DDoS attacks with HTTP-flood (GET/POST). It’s written in pure Python and uses proxy-servers as “bots”. This script is published for educational purposes only! Features: Cache bypass with random ?abcd=efg...
openSUSE: Security Advisory for vim (openSUSE-SU-2016:2993-1)
The remote host is missing an update for the Copyright (C) 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : vim (openSUSE-2016-1390)
This update for vim fixes the following security issues: - Fixed CVE-2016-1248, an arbitrary command execution vulnerability (bsc#1010685). This update for vim fixes the following issues: - Fix build with Python 3.5 (bsc#988903). This update was imported from the SUSE:SLE-12:Update update project...
Security update for vim (important)
This update for vim fixes the following security issues: - Fixed CVE-2016-1248, an arbitrary command execution vulnerability (bsc#1010685). This update for vim fixes the following issues: - Fix build with Python 3.5 (bsc#988903). This update was imported from the SUSE:SLE-12:Update update project...
SUSE SLED12 / SLES12 Security Update : vim (SUSE-SU-2016:2942-1)
This update for vim fixes the following security issues: - Fixed CVE-2016-1248, an arbitrary command execution vulnerability (bsc#1010685). This update for vim fixes the following issues: - Fix build with Python 3.5 (bsc#988903). Note that Tenable Network Security has extracted the preceding descriptio...
openSUSE Security Update : postgresql93 (openSUSE-2016-253)
This update for postgresql93 fixes the following issues: - Security and bugfix release 9.3.11: - Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, boo#966436). - Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). - Prevent certain...
Python 3.5 deque.index() Uninitialized Variable Vulnerability
Python version 3.5 suffers from a vulnerability caused by the behavior of the newblock function used by the collections.deque module. When called, newblock allocates memory using PyMem_Malloc and does not initialize it. Title: Python 3.5 deque.index Uninitialized Variable Credit: John Leitch...
Python 3.5 scan_eol() Buffer Over-Read Vulnerability
Python 3.5 suffers from a vulnerability caused by the behavior of the scan_eol function. When called, the function gets a line from the buffer of a BytesIO object by searching for a newline character starting at the position in the buffer. However, if the position is set to a value that is larger...
Python 3.5 time_strftime() Buffer Over-Read Vulnerability
Python 3.5 suffers from a vulnerability caused by the behavior of the time_strftime function. When called, the function loops over the format string provided, using strchr to search for each instance of '%'. After finding a '%', it continues to search two characters ahead, assuming that each...
Python 3.4 / 3.5 xmlparse_setattro() Type Confusion
Title: Python 3.4 and 3.5 xmlparse_setattro Type Confusion Credit: John Leitch [email protected], Bryce Darling [email protected] Url1: http://autosectools.com/Page/Python-xmlparsesetattro-Type-Confusion Url2: http://bugs.python.org/issue25019 Resolution: Fixed Python 3.4 and 3.5 suffer...