/[advisories]/25641.adv
ViewVC logotype

Annotation of /25641.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 9212 - (hide annotations) (download)
Thu Nov 7 22:20:07 2019 UTC (3 months, 2 weeks ago) by tmb
File size: 813 byte(s)
add advisory for python-2.7.17-1.1.mga7 / python3-3.7.5-1.mga7
1 tmb 9212 type: security
2     subject: Updated python packages fix security vulnerabilities
3     CVE:
4     - CVE-2019-16056
5     - CVE-2019-16935
6     src:
7     7:
8     core:
9     - python-2.7.17-1.1.mga7
10     - python3-3.7.5-1.mga7
11     description: |
12     Updated python and python3 packages fix security vulnerabilities:
13     It was discovered that Python incorrectly parsed certain email addresses.
14     A remote attacker could possibly use this issue to trick Python
15     applications into accepting email addresses that should be denied
16     (CVE-2019-16056).
17    
18     It was discovered that the Python documentation XML-RPC server incorrectly
19     handled certain fields. A remote attacker could use this issue to execute
20     a cross-site scripting (XSS) attack (CVE-2019-16935).
21     references:
22     - https://bugs.mageia.org/show_bug.cgi?id=25641
23     - https://usn.ubuntu.com/4151-1/

  ViewVC Help
Powered by ViewVC 1.1.26