534 matches found
SUSE-SU-2015:2156-1 Security update for python-requests
python-requests was updated to fix one security issue. This security issue was fixed: - CVE-2015-2296: The resolveredirects function in sessions.py allowed remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. bsc922448 This non-security issue was...
Amazon Linux: Security Advisory (ALAS-2015-541)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-requests FEDORA-2015-4076
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-requests FEDORA-2015-9664
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : python-urllib3-1.10.4-3.20150503gita91975b.fc21 / python-requests-2.7.0-1.fc21 (2015-9664)
Inject pyOpenSSL. https://urllib3.readthedocs.org/en/latest/security.htmlinsecureplatfo rmwarning https://urllib3.readthedocs.org/en/latest/security.htmlpyopenssl Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable h...
Amazon Linux AMI : python-pip (ALAS-2015-541)
A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Updated python-pip packages fix security vulnerabilities
Updated python-pip and python-virtualenv packages fix security vulnerability: The mirroring support in python-pip was implemented without any sort of authenticity checks and is downloaded over plaintext HTTP. Further more by default it will dynamically discover the list of available mirrors by...
Moderate: Red Hat Bug Fix Advisory: Red Hat Enterprise Linux OpenStack Platform Bug Fix and Enhancement Advisory
Updated packages that resolve various issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 6. Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly...
Fedora Update for python-requests FEDORA-2015-4084
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : python-requests (MDVSA-2015:133)
Updated python-requests packages fix security vulnerabilities : Python-requests was found to have a vulnerability, where the attacker can retrieve the passwords from /.netrc file through redirect requests, if the user has their passwords stored in the /.netrc file CVE-2014-1829. It was discovered...
[SECURITY] Fedora 21 Update: python-requests-2.5.3-2.fc21
Most existing Python modules for sending HTTP requests are extremely verbos e and cumbersome. Python=E2=80=99s built-in urllib2 module provides most of the H TTP capabilities you should need, but the API is thoroughly broken. This librar y is designed to make HTTP requests easy for developers...
Updated python-requests packages fix security vulnerability
In python-requests before 2.6.0, a cookie without a host value set would use the hostname for the redirected URL exposing requests users to session fixation attacks and potentially cookie stealing CVE-2015-2296...
MGASA-2015-0120 Updated python-requests packages fix security vulnerability
In python-requests before 2.6.0, a cookie without a host value set would use the hostname for the redirected URL exposing requests users to session fixation attacks and potentially cookie stealing CVE-2015-2296...
Fedora 22 : python-requests-2.5.3-2.fc22 / python-urllib3-1.10.2-1.fc22 (2015-4076)
Backport of patch to not ascribe cookies to the target domain. https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b 2f688785a669b9aafc http://www.openwall.com/lists/oss-security/2015/03/14/4 Note that Tenable Network Security has extracted the preceding description block directl...
python requests library session fixation
Invalid cookies processing in redirects...
Fedora Update for python-requests-kerberos FEDORA-2014-14493
Check the version of python-requests-kerberos SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-requests-kerberos FEDORA-2014-14498
Check the version of python-requests-kerberos SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : python-requests-kerberos-0.6-1.fc19 (2014-14498)
Security fix for CVE-2014-8650: requests-kerberos does not perform mutual authentication Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 20 : python-requests-kerberos-0.6-1.fc20 (2014-14493)
Security fix for CVE-2014-8650: requests-kerberos does not perform mutual authentication Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 21 : python-requests-kerberos-0.6-1.fc21 (2014-14461)
Security fix for CVE-2014-8650: requests-kerberos does not perform mutual authentication Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...