Package name
python
Date
2014-04-09
Advisory ID
MDVSA-2014:074
Affected versions
MBS1 x86_64

Problem description

Updated python package fixes security vulnerabilities:

Denial of service flaws due to unbound readline() calls in the imaplib,
poplib, and smtplib modules (CVE-2013-1752).

A gzip bomb and unbound read denial of service flaw in python XMLRPC
library (CVE-2013-1753).

Updated packages

MBS1 x86_64

 0b4dbc5612aefe31d96fe0b76ae2d25e  mbs1/x86_64/lib64python2.7-2.7.3-4.6.mbs1.x86_64.rpm
 8fea893a25e07e3f05dbc86a48c51434  mbs1/x86_64/lib64python-devel-2.7.3-4.6.mbs1.x86_64.rpm
 9fcdf93fa35c2486c5f31cece8fde06f  mbs1/x86_64/python-2.7.3-4.6.mbs1.x86_64.rpm
 1fdfb41cd0d9437dc5657c58f36c00d0  mbs1/x86_64/python-docs-2.7.3-4.6.mbs1.noarch.rpm
 9ba84d15644a54d44a25105bf0113bf6  mbs1/x86_64/tkinter-2.7.3-4.6.mbs1.x86_64.rpm
 5f952f18652533f372392ac5abb7799e  mbs1/x86_64/tkinter-apps-2.7.3-4.6.mbs1.x86_64.rpm 
 a4bf7af0f079f07bb0da7cb8f19e5cf5  mbs1/SRPMS/python-2.7.3-4.6.mbs1.src.rpm

References