/[advisories]/25641.adv
ViewVC logotype

Contents of /25641.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 9220 - (show annotations) (download)
Thu Nov 7 22:24:37 2019 UTC (3 months, 2 weeks ago) by tmb
File size: 833 byte(s)
MGASA-2019-0318: python-2.7.17-1.1.mga7, python3-3.7.5-1.mga7
1 type: security
2 subject: Updated python packages fix security vulnerabilities
3 CVE:
4 - CVE-2019-16056
5 - CVE-2019-16935
6 src:
7 7:
8 core:
9 - python-2.7.17-1.1.mga7
10 - python3-3.7.5-1.mga7
11 description: |
12 Updated python and python3 packages fix security vulnerabilities:
13 It was discovered that Python incorrectly parsed certain email addresses.
14 A remote attacker could possibly use this issue to trick Python
15 applications into accepting email addresses that should be denied
16 (CVE-2019-16056).
17
18 It was discovered that the Python documentation XML-RPC server incorrectly
19 handled certain fields. A remote attacker could use this issue to execute
20 a cross-site scripting (XSS) attack (CVE-2019-16935).
21 references:
22 - https://bugs.mageia.org/show_bug.cgi?id=25641
23 - https://usn.ubuntu.com/4151-1/
24 ID: MGASA-2019-0318

  ViewVC Help
Powered by ViewVC 1.1.26