RHSA-2016:1630 Red Hat Security Advisory: rh-python34-python security update

Bulletin has no description...

Amazon Linux AMI : python34 (ALAS-2021-1504)

The version of python34 installed on the remote host is prior to 3.4.10-1.55. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1504 advisory. The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by...

Low: python34

Issue Overview: The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of...

Fedora 32 : python34 (2020-d30881c970)

CVE-2019-20907: Avoid infinite loop in the tarfile module - CVE-2020-14422: Resolve hash collisions for IPv4Interface and IPv6Interface - CVE-2020-26116: HTTP request method CRLF injection in httplib This update brings Fedora 32's python34 in sync with the EPEL7 package. Note that Tenable Network...

Fedora: Security Advisory for python34 (FEDORA-2020-d30881c970)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux AMI : python34, python36, python35 (ALAS-2020-1432)

The version of python34 installed on the remote host is prior to 3.4.10-1.52. The version of python35 installed on the remote host is prior to 3.5.9-1.28. The version of python36 installed on the remote host is prior to 3.6.12-1.19. It is, therefore, affected by multiple vulnerabilities as...

Amazon Linux AMI : python34, python35 (ALAS-2020-1429)

The version of python34 installed on the remote host is prior to 3.4.10-1.51. The version of python35 installed on the remote host is prior to 3.5.9-1.27. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1429 advisory. In Lib/tarfile.py in Python through 3.8.3...

Fedora Update for python34 FEDORA-2019-50772cf122

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: python34

Issue Overview: A security regression of CVE-2019-9636 was discovered in python, since commit d537ab0ff9767ef024f26246899728f0116b1ec3, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store...

Fedora 31 : python34 (2019-50772cf122)

Fix CVE-2019-16056 rhbz1750457 ---- Fix CVE-2019-10160 rhbz1718867 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora Update for python34 FEDORA-2019-5dc275c9f2

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for python34 FEDORA-2019-2b1f72899a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : python34 (2019-2b1f72899a)

Fix CVE-2019-16056 rhbz1750457 ---- Fix CVE-2019-10160 rhbz1718867 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Medium: python34

Issue Overview: An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? character followed b...

Amazon Linux AMI : python34 (ALAS-2019-1202)

Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack...

Fedora Update for python34 FEDORA-2018-4544e8dbc8

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Important: python34

Issue Overview: Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit, urllib.parse.urlpars...

Fedora Update for python34 FEDORA-2019-6baeb15da3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux AMI : python27 / python34,python35,python36 (ALAS-2019-1169)

A NULL pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate validation and accep...

Fedora 28 : python34 (2018-c3a2174314)

Security update to 3.4.9 with fix for CVE-2018-1060: difflib and poplib catastrophic backtracking. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...