Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-1582)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123515

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2013-1582)

Resumen: The remote host is missing an update for the 'python' package(s) announced via the ELSA-2013-1582 advisory.

Descripción: Summary:
The remote host is missing an update for the 'python' package(s) announced via the ELSA-2013-1582 advisory.

Vulnerability Insight:
[2.6.6-51]
- Fixed memory leak in _ssl._get_peer_alt_names
Resolves: rhbz#1002983

[2.6.6-50]
- Added fix for CVE-2013-4238
Resolves: rhbz#998784

[2.6.6-49]
- Fix shebangs in several files in python-tools subpackage
Resolves: rhbz#521898

[2.6.6-48]
- Fix sqlite3.Cursor.lastrowid under a Turkish locale.
Resolves: rhbz#841937

[2.6.6-47]
- Urlparse now parses query and fragment of urls for any scheme.
Resolves: rhbz#978129

[2.6.6-46]
- Add wrapper for select.select to restart a system call
Resolves: rhbz#948025

[2.6.6-45]
- Add try-except to catch OSError in WatchedFileHandler
Resolves: rhbz#919163

[2.6.6-44]
- Fix urandom to throw proper exception
Resolves: rhbz#893034

[2.6.6-43]
- Backport of collections.OrderedDict from Python 2.7
Resolves: rhbz#929258

[2.6.6-42]
- Add an explicit RPATH to _elementtree.so pointing at the directory
containing system expat
Resolves: rhbz#962779

[2.6.6-41]
- Don't let failed incoming SSL connection stay open forever
Resolves: rhbz#960168

[2.6.6-40]
- Fix Python not reading Alternative Subject Names from some SSL
certificates
Resolves: rhbz#928390

[2.6.6-39]
- Remove BOM insertion code from SysLogHandler that causes messages to be
treated as EMERG level
Resolves: rhbz#845802

[2.6.6-38]
- move most of the payload of the core package to the libs subpackage, given
that the libs aren't meaningfully usable without the standard libraries
- preserve timestamps when fixing shebangs (patch 158) and when installing,
to minimize .pyc/.pyo differences across architectures (due to the embedded
mtime in .pyc/.pyo headers)
- fix multilib issue in /usr/bin/modulator and /usr/bin/pynche
Related: rhbz#958256

Affected Software/OS:
'python' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4238
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.securityfocus.com/archive/1/534161/100/0/threaded
DSA-2880
http://www.debian.org/security/2014/dsa-2880
RHSA-2013:1582
http://rhn.redhat.com/errata/RHSA-2013-1582.html
USN-1982-1
http://www.ubuntu.com/usn/USN-1982-1
http://bugs.python.org/issue18709
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://bugzilla.redhat.com/show_bug.cgi?id=996381
openSUSE-SU-2013:1437
http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html
openSUSE-SU-2013:1438
http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html
openSUSE-SU-2013:1439
http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html
openSUSE-SU-2013:1440
http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html
openSUSE-SU-2013:1462
http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html
openSUSE-SU-2013:1463
http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html
openSUSE-SU-2020:0086
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123515
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-1582)
Resumen:	The remote host is missing an update for the 'python' package(s) announced via the ELSA-2013-1582 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python' package(s) announced via the ELSA-2013-1582 advisory. Vulnerability Insight: [2.6.6-51] - Fixed memory leak in _ssl._get_peer_alt_names Resolves: rhbz#1002983 [2.6.6-50] - Added fix for CVE-2013-4238 Resolves: rhbz#998784 [2.6.6-49] - Fix shebangs in several files in python-tools subpackage Resolves: rhbz#521898 [2.6.6-48] - Fix sqlite3.Cursor.lastrowid under a Turkish locale. Resolves: rhbz#841937 [2.6.6-47] - Urlparse now parses query and fragment of urls for any scheme. Resolves: rhbz#978129 [2.6.6-46] - Add wrapper for select.select to restart a system call Resolves: rhbz#948025 [2.6.6-45] - Add try-except to catch OSError in WatchedFileHandler Resolves: rhbz#919163 [2.6.6-44] - Fix urandom to throw proper exception Resolves: rhbz#893034 [2.6.6-43] - Backport of collections.OrderedDict from Python 2.7 Resolves: rhbz#929258 [2.6.6-42] - Add an explicit RPATH to _elementtree.so pointing at the directory containing system expat Resolves: rhbz#962779 [2.6.6-41] - Don't let failed incoming SSL connection stay open forever Resolves: rhbz#960168 [2.6.6-40] - Fix Python not reading Alternative Subject Names from some SSL certificates Resolves: rhbz#928390 [2.6.6-39] - Remove BOM insertion code from SysLogHandler that causes messages to be treated as EMERG level Resolves: rhbz#845802 [2.6.6-38] - move most of the payload of the core package to the libs subpackage, given that the libs aren't meaningfully usable without the standard libraries - preserve timestamps when fixing shebangs (patch 158) and when installing, to minimize .pyc/.pyo differences across architectures (due to the embedded mtime in .pyc/.pyo headers) - fix multilib issue in /usr/bin/modulator and /usr/bin/pynche Related: rhbz#958256 Affected Software/OS: 'python' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4238 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities http://seclists.org/fulldisclosure/2014/Dec/23 http://www.securityfocus.com/archive/1/534161/100/0/threaded DSA-2880 http://www.debian.org/security/2014/dsa-2880 RHSA-2013:1582 http://rhn.redhat.com/errata/RHSA-2013-1582.html USN-1982-1 http://www.ubuntu.com/usn/USN-1982-1 http://bugs.python.org/issue18709 http://www.vmware.com/security/advisories/VMSA-2014-0012.html https://bugzilla.redhat.com/show_bug.cgi?id=996381 openSUSE-SU-2013:1437 http://lists.opensuse.org/opensuse-updates/2013-09/msg00026.html openSUSE-SU-2013:1438 http://lists.opensuse.org/opensuse-updates/2013-09/msg00027.html openSUSE-SU-2013:1439 http://lists.opensuse.org/opensuse-updates/2013-09/msg00028.html openSUSE-SU-2013:1440 http://lists.opensuse.org/opensuse-updates/2013-09/msg00029.html openSUSE-SU-2013:1462 http://lists.opensuse.org/opensuse-updates/2013-09/msg00042.html openSUSE-SU-2013:1463 http://lists.opensuse.org/opensuse-updates/2013-09/msg00043.html openSUSE-SU-2020:0086 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
Copyright	Copyright (C) 2015 Greenbone AG