438 matches found
python security update
2.7.5-69.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-70 - Remove 3DS cipher to mitigate CVE-2016-2183 sweet32. Resolves: rhbz1584545...
SUSE-SU-2018:1372-1 Security update for python
This update for python fixes the following issues: Security issues fixed: - CVE-2017-1000158: Fixed integer overflows in PyString_DecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside the...
Amazon Linux AMI : python34 / python35,python36,python27 (ALAS-2018-1003)
DOS via regular expression catastrophic backtracking in apop method in pop3lib A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service. CVE-2018-1060 DOS via regular expression backtracking...
DLA-1283-2 python-crypto - security update
Bulletin has no description...
SUSE-SU-2018:0768-1 Security update for python
This update for python fixes the following issues: - CVE-2017-1000158: Fixed integer overflow in the PyString_DecodeEscape function bsc1068664...
Autorize - Automatic Authorization Enforcement Detection Extension For Burp Suite
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at Mediaservice.net. Autorize was designed to help security testers by performing automatic...
SUSE-SU-2017:2350-1 Security update for python-pycrypto
This update for python-pycrypto fixes the following issues: - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420. python-paramiko was adjusted to work together with this python-pycrypto change. bsc1047666...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2017:1308 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
DLA-885-1 python-django - security update
Bulletin has no description...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2017:0036 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
DSA-3759-1 python-pysaml2 - security update
Bulletin has no description...
SUSE-SU-2016:2859-1 Security update for python3
This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...
python security, bug fix, and enhancement update
2.7.5-48.0.1 - Add Oracle Linux distribution in platform.py orabug 20812544 2.7.5-48 - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 2.7.5-47 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata Resolves: rhbz1356364 2.7.5-46 - Drop patch 2...
SUSE-SU-2016:2653-1 Security update for python3
This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...
Internet Bug Bounty: Information disclosure in mmap module - python 2.7.12
First thing first, the report was sent to python's security mailing list on the 27.8.16 and was fixed by benjamin on the 5.10.16 rev 144f10202076, and acknowledged by me today 8.10.16. In a security audit I made to the mmap module in python 2.7.12, I have found a major information leak...
SUSE-SU-2016:2270-1 Security update for python
This update for python fixes the following issues: - CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack bsc984751 - CVE-2016-5699: incorrect validation of HTTP headers allow header injection bsc985348 - CVE-2016-1000110: HTTPoxy vulnerability in urllib, fixed by disregarding...
CVE-2016-5699
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython aka Python before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL...
Python 3.3 3.5 - product_setstate() Out-of-Bounds Read
Title: Python 3.3 - 3.5 product_setstate() Out-of-bounds Read Credit: John Leitch, Bryce Darling Url1: http://autosectools.com/Page/Python-productsetstate-Out-of-bounds-Read Url2:...
file, python security update
CentOS Errata and Security Advisory CESA-2014:1606 Updated file packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS...
CVE-2014-7185
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function...