stable

Python

FEDORA-2019-d202cda4f8 created by churchyard 4 years ago for Fedora 29

Python 3.5 has now entered "security fixes only" mode, and as such the only changes since Python 3.5.4 are security fixes.

https://www.python.org/downloads/release/python-358/

https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-8

Security fix for CVE-2019-9740, CVE-2019-10160, CVE-2019-16935, CVE-2019-18348 , CVE-2019-16056.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2019-d202cda4f8

This update has been submitted for testing by churchyard.

4 years ago

This update's test gating status has been changed to 'waiting'.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update has been pushed to testing.

4 years ago

churchyard edited this update.

New build(s):

  • python35-3.5.8-2.fc29

Removed build(s):

  • python35-3.5.8-1.fc29

Karma has been reset.

4 years ago

This update has been submitted for testing by churchyard.

4 years ago

This update has been pushed to testing.

4 years ago

This update can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
modified
4 years ago
BZ#1688169 CVE-2019-9740 python: CRLF injection via the query part of the url passed to urlopen()
0
0
BZ#1706853 CVE-2019-9740 python35: python: improper neutralization of CRLF sequences in urllib module [fedora-all]
0
0
BZ#1718388 CVE-2019-10160 python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc
0
0
BZ#1718868 CVE-2019-10160 python35: python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc [fedora-all]
0
0
BZ#1727276 CVE-2019-18348 python: CRLF injection via the host part of the url passed to urlopen()
0
0
BZ#1749839 CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses
0
0
BZ#1750458 CVE-2019-16056 python35: python: email.utils.parseaddr wrongly parses email addresses [fedora-all]
0
0
BZ#1763229 CVE-2019-16935 python: XSS vulnerability in the documentation XML-RPC server in server_title field
0
0
BZ#1763235 CVE-2019-16935 python35: python: XSS vulnerability in the documentation XML-RPC server in server_title field [fedora-all]
0
0
BZ#1765141 CVE-2019-18348 python35: python: CRLF injection via the host part of the url passed to urlopen() [fedora-all]
0
0

Automated Test Results