[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2013:1582-02 -- Redhat python

ID: oval:org.secpod.oval:def:501140Date: (C)2013-11-26   (M)2023-10-10
Class: PATCHFamily: unix




Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the way the Python SSL module handled X.509 certificate fields that contain a NULL byte. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully crafted certificate signed by an authority that the client trusts. These updated python packages include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of python are advised to upgrade to these updated packages, which fix these issues and add this enhancement.

Platform:
Red Hat Enterprise Linux 6
Product:
python
Reference:
RHSA-2013:1582-02
CVE-2013-4238
CVE    1
CVE-2013-4238
CPE    37
cpe:/a:python:python:2.7.1150
cpe:/a:python:python:2.7.1150::~~~~x64~
cpe:/a:python:python:2.6.2150
cpe:/a:python:python:3.0
...

© SecPod Technologies