[SECURITY] Fedora 16 Update: python-2.7.3-1.fc16

updates at fedoraproject.org updates at fedoraproject.org
Sun May 6 01:26:43 UTC 2012 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-5924
2012-04-14 22:42:38
--------------------------------------------------------------------------------

Name        : python
Product     : Fedora 16
Version     : 2.7.3
Release     : 1.fc16
URL         : http://www.python.org/
Summary     : An interpreted, interactive, object-oriented programming language
Description :
Python is an interpreted, interactive, object-oriented programming
language often compared to Tcl, Perl, Scheme or Java. Python includes
modules, classes, exceptions, very high level dynamic data types and
dynamic typing. Python supports interfaces to many system calls and
libraries, as well as to various windowing systems (X11, Motif, Tk,
Mac and MFC).

Programmers can write new built-in modules for Python in C or C++.
Python can be used as an extension language for applications that need
a programmable interface.

Note that documentation for Python is provided in the python-docs
package.

This package provides the "python" executable; most of the actual
implementation is within the "python-libs" package.

--------------------------------------------------------------------------------
Update Information:

Rebase of Python 2 ("python" and "python-docs") from 2.7.2 to 2.7.3 bringing in security fixes, along with other bugfixes.

See http://python.org/download/releases/2.7.3/
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 13 2012 David Malcolm <dmalcolm at redhat.com> - 2.7.3-1
- 2.7.3; refresh patches 102 (lib64) and 112 (debug build); revise patch 127
(test_structmember); drop upstream patches 11 (tolower) and 115 (pydoc
robustness); add python2.pc to python-devel; regenerate the autotool
intermediates patch (patch 300)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003)
        https://bugzilla.redhat.com/show_bug.cgi?id=750555
  [ 2 ] Bug #789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
        https://bugzilla.redhat.com/show_bug.cgi?id=789790
  [ 3 ] Bug #812068 - python: SSL CBC IV vulnerability (CVE-2011-3389, BEAST)
        https://bugzilla.redhat.com/show_bug.cgi?id=812068
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update python' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list