[Oraclevm-errata] OVMSA-2016-0099 Moderate: Oracle VM 3.4 python security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Thu Aug 18 18:02:32 PDT 2016
Oracle VM Security Advisory OVMSA-2016-0099
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
python-2.6.6-66.0.1.el6_8.x86_64.rpm
python-libs-2.6.6-66.0.1.el6_8.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/python-2.6.6-66.0.1.el6_8.src.rpm
Description of changes:
[2.6.6-66.0.1]
- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav
Sharma)
[2.6.6-66]
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359161
[2.6.6-65]
- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack
(rhbz#1303647)
Raise an error when STARTTLS fails (upstream patch)
- Fix for CVE-2016-5699 python: http protocol steam injection attack
(rhbz#1303699)
Disabled HTTP header injections in httplib (upstream patch)
Resolves: rhbz#1346354
More information about the Oraclevm-errata
mailing list