[Oraclevm-errata] OVMSA-2016-0099 Moderate: Oracle VM 3.4 python security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Aug 18 18:02:32 PDT 2016


Oracle VM Security Advisory OVMSA-2016-0099

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
python-2.6.6-66.0.1.el6_8.x86_64.rpm
python-libs-2.6.6-66.0.1.el6_8.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/python-2.6.6-66.0.1.el6_8.src.rpm



Description of changes:

[2.6.6-66.0.1]
- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav 
Sharma)

[2.6.6-66]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359161

[2.6.6-65]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack 
(rhbz#1303647)
   Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack 
(rhbz#1303699)
   Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346354




More information about the Oraclevm-errata mailing list