Download
| Alert*
|
oval:org.secpod.oval:def:89050320
This update for python fixes the following issues: Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions . oval:org.secpod.oval:def:17185 The host is installed with Python 2.5.2 and earlier and is prone to integer overflow vulnerability. The flaw is present in the application, which fails to properly handle vectors related to "partial hashlib hashing of data exceeding 4GB. Successful exploitation allow context-dependent attackers to d ... oval:org.mitre.oval:def:7152 Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In ... oval:org.secpod.oval:def:301568 Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows . This was due to an incomplete fix for CVE-2007-4965. David Rema ... |
