ID de Prueba:	1.3.6.1.4.1.25623.1.0.122760
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-2101)
Resumen:	The remote host is missing an update for the 'python' package(s) announced via the ELSA-2015-2101 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python' package(s) announced via the ELSA-2015-2101 advisory. Vulnerability Insight: [2.7.5-34.0.1] - Add Oracle Linux distribution in platform.py [orabug 20812544] [2.7.5-34] - Revert fix for rhbz#1117751 as it leads to regressions Resolves: rhbz#1117751 [2.7.5-33] - Only restore SIG_PIPE when Popen called with restore_sigpipe Resolves: rhbz#1117751 [2.7.5-32] - Backport SSLSocket.version function - Temporary disable test_gdb on ppc64le rhbz#1260558 Resolves: rhbz#1259421 [2.7.5-31] - Update load_cert_chain function to accept None keyfile Resolves: rhbz#1250611 [2.7.5-30] - Change Patch224 according to latest update in PEP493 Resolves:rhbz#1219108 [2.7.5-29] - Popen shouldn't ignore SIG_PIPE Resolves: rhbz#1117751 [2.7.5-28] - Exclude python subprocess temp files from cleaning Resolves: rhbz#1058482 [2.7.5-27] - Add list for cprofile sort option Resolves:rhbz#1237107 [2.7.5-26] - Add switch to toggle cert verification on or off globally Resolves:rhbz#1219108 [2.7.5-25] - PEP476 enable cert verifications by default Resolves:rhbz#1219110 [2.7.5-24] - Massive backport of ssl module from python3 aka PEP466 Resolves: rhbz#1111461 [2.7.5-23] - Fixed CVE-2013-1753, CVE-2013-1752, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185 Resolves: rhbz#1206574 [2.7.5-22] - Fix importing readline producing erroneous output Resolves: rhbz#1189301 [2.7.5-21] - Add missing import in bdist_rpm Resolves: rhbz#1177613 [2.7.5-20] - Avoid double close of subprocess pipes Resolves: rhbz#1103452 [2.7.5-19] - make multiprocessing ignore EINTR Resolves: rhbz#1181624 Affected Software/OS: 'python' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1752 Common Vulnerability Exposure (CVE) ID: CVE-2013-1753 Common Vulnerability Exposure (CVE) ID: CVE-2014-4616 BugTraq ID: 68119 http://www.securityfocus.com/bid/68119 https://security.gentoo.org/glsa/201503-10 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395 https://hackerone.com/reports/12297 http://openwall.com/lists/oss-security/2014/06/24/7 RedHat Security Advisories: RHSA-2015:1064 http://rhn.redhat.com/errata/RHSA-2015-1064.html SuSE Security Announcement: openSUSE-SU-2014:0890 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4650 http://bugs.python.org/issue21766 http://openwall.com/lists/oss-security/2014/06/26/3 RedHat Security Advisories: Red Hat https://access.redhat.com/security/cve/cve-2014-4650 Common Vulnerability Exposure (CVE) ID: CVE-2014-7185 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 70089 http://www.securityfocus.com/bid/70089 http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html http://www.openwall.com/lists/oss-security/2014/09/23/5 http://www.openwall.com/lists/oss-security/2014/09/25/47 RedHat Security Advisories: RHSA-2015:1330 http://rhn.redhat.com/errata/RHSA-2015-1330.html SuSE Security Announcement: openSUSE-SU-2014:1292 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html XForce ISS Database: python-bufferobject-overflow(96193) https://exchange.xforce.ibmcloud.com/vulnerabilities/96193
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.