Works for me!
CVE-2018-1060, -1061, -2019-5010 aren't easy to reproduce. I checked that the patches are in, not necessarily that the issues are solved.
BZ#1549192 CVE-2018-1061 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
BZ#1563461 CVE-2018-1060 CVE-2018-1061 python35: various flaws [fedora-all]
BZ#1666519 CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate
BZ#1666527 CVE-2019-5010 python35: python: NULL pointer dereference using a specially crafted X509 certificate [fedora-all]
BZ#1688543 CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization
BZ#1688550 CVE-2019-9636 python35: python: Information Disclosure due to urlsplit improper NFKC normalization [fedora-all]
This update has been submitted for batched by bodhi.
Works for me!
CVE-2018-1060, -1061, -2019-5010 aren't easy to reproduce. I checked that the patches are in, not necessarily that the issues are solved.
BZ#1549192 CVE-2018-1061 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
BZ#1563461 CVE-2018-1060 CVE-2018-1061 python35: various flaws [fedora-all]
BZ#1666519 CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate
BZ#1666527 CVE-2019-5010 python35: python: NULL pointer dereference using a specially crafted X509 certificate [fedora-all]
BZ#1688543 CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization
BZ#1688550 CVE-2019-9636 python35: python: Information Disclosure due to urlsplit improper NFKC normalization [fedora-all]
This update has been submitted for stable by bodhi.
BZ#1549192 CVE-2018-1061 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib
0
1
BZ#1563461 CVE-2018-1060 CVE-2018-1061 python35: various flaws [fedora-all]
0
1
BZ#1664509 CVE-2018-20406 python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data
0
0
BZ#1664512 CVE-2018-20406 python35: python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data [fedora-all]
0
0
BZ#1666519 CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate
0
1
BZ#1666527 CVE-2019-5010 python35: python: NULL pointer dereference using a specially crafted X509 certificate [fedora-all]
0
1
BZ#1688543 CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization
0
1
BZ#1688550 CVE-2019-9636 python35: python: Information Disclosure due to urlsplit improper NFKC normalization [fedora-all]
This update has been submitted for testing by churchyard.
This update has been pushed to testing.
Works for me! CVE-2018-1060, -1061, -2019-5010 aren't easy to reproduce. I checked that the patches are in, not necessarily that the issues are solved.
This update has been submitted for batched by bodhi.
Works for me! CVE-2018-1060, -1061, -2019-5010 aren't easy to reproduce. I checked that the patches are in, not necessarily that the issues are solved.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.