FEDORA-2019-d202cda4f8 created by churchyard 10 months ago for Fedora 29
stable

Python 3.5 has now entered "security fixes only" mode, and as such the only changes since Python 3.5.4 are security fixes.

https://www.python.org/downloads/release/python-358/

https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-8

Security fix for CVE-2019-9740, CVE-2019-10160, CVE-2019-16935, CVE-2019-18348 , CVE-2019-16056.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-d202cda4f8

This update has been submitted for testing by churchyard.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago

churchyard edited this update.

New build(s):

  • python35-3.5.8-2.fc29

Removed build(s):

  • python35-3.5.8-1.fc29

Karma has been reset.

10 months ago

This update has been submitted for testing by churchyard.

10 months ago

This update has been pushed to testing.

9 months ago

This update can be pushed to stable now if the maintainer wishes

9 months ago

This update has been submitted for stable by bodhi.

9 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
9 months ago
in stable
9 months ago
modified
10 months ago
BZ#1688169 CVE-2019-9740 python: CRLF injection via the query part of the url passed to urlopen()
0
0
BZ#1706853 CVE-2019-9740 python35: python: improper neutralization of CRLF sequences in urllib module [fedora-all]
0
0
BZ#1718388 CVE-2019-10160 python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc
0
0
BZ#1718868 CVE-2019-10160 python35: python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc [fedora-all]
0
0
BZ#1727276 CVE-2019-18348 python: CRLF injection via the host part of the url passed to urlopen()
0
0
BZ#1749839 CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses
0
0
BZ#1750458 CVE-2019-16056 python35: python: email.utils.parseaddr wrongly parses email addresses [fedora-all]
0
0
BZ#1763229 CVE-2019-16935 python: XSS vulnerability in the documentation XML-RPC server in server_title field
0
0
BZ#1763235 CVE-2019-16935 python35: python: XSS vulnerability in the documentation XML-RPC server in server_title field [fedora-all]
0
0
BZ#1765141 CVE-2019-18348 python35: python: CRLF injection via the host part of the url passed to urlopen() [fedora-all]
0
0

Automated Test Results