A python update is available for Fedora Core 3
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-114
2005-02-04
---------------------------------------------------------------------
Product : Fedora Core 3
Name : python
Version : 2.3.4
Release : 13.1
Summary : An interpreted, interactive, object-oriented programming language.
Description :
Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC).
Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM.
Note that documentation for Python is provided in the python-docs package.
---------------------------------------------------------------------
Update Information:
An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0089 to this issue.
Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct this issue.
---------------------------------------------------------------------
* Wed Feb 02 2005 Mihai Ibanescu misa@redhat.com 2.3.4-13.1
- Fixed security issue in SimpleXMLRPCServer.py (#146647)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
630b13c1bdab4a97d19c106337a1ef13 SRPMS/python-2.3.4-13.1.src.rpm
8d8943411acc21380675cb520e2db497 x86_64/python-2.3.4-13.1.x86_64.rpm
76aaf0ce8b1df380832e136650c2ad6c x86_64/python-devel-2.3.4-13.1.x86_64.rpm
0b76e2086edf2a71cfb0aaa11715d947 x86_64/python-tools-2.3.4-13.1.x86_64.rpm
e0890269685592a16cd771347cd57871 x86_64/python-docs-2.3.4-13.1.x86_64.rpm
70f8add857c4283df874f01dd66224bd x86_64/tkinter-2.3.4-13.1.x86_64.rpm
e9af58534ac3f24ff688dac8acd2b535 x86_64/debug/python-debuginfo-2.3.4-13.1.x86_64.rpm
fa6ad54679db113a253c0d0d00cb69c2 i386/python-2.3.4-13.1.i386.rpm
51d1be66c01c752e4c1b1709088336e0 i386/python-devel-2.3.4-13.1.i386.rpm
ed20dcab56bfe0d0a585eed7ff79cf5f i386/python-tools-2.3.4-13.1.i386.rpm
99596c5ae22b6d16cbb58517238472e9 i386/python-docs-2.3.4-13.1.i386.rpm
d51c2757c47afb79a7d634aad21cd717 i386/tkinter-2.3.4-13.1.i386.rpm
45c90d5c96730eb5abba820269bce3a3 i386/debug/python-debuginfo-2.3.4-13.1.i386.rpm
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-114
2005-02-04
---------------------------------------------------------------------
Product : Fedora Core 3
Name : python
Version : 2.3.4
Release : 13.1
Summary : An interpreted, interactive, object-oriented programming language.
Description :
Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC).
Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM.
Note that documentation for Python is provided in the python-docs package.
---------------------------------------------------------------------
Update Information:
An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0089 to this issue.
Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct this issue.
---------------------------------------------------------------------
* Wed Feb 02 2005 Mihai Ibanescu misa@redhat.com 2.3.4-13.1
- Fixed security issue in SimpleXMLRPCServer.py (#146647)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
630b13c1bdab4a97d19c106337a1ef13 SRPMS/python-2.3.4-13.1.src.rpm
8d8943411acc21380675cb520e2db497 x86_64/python-2.3.4-13.1.x86_64.rpm
76aaf0ce8b1df380832e136650c2ad6c x86_64/python-devel-2.3.4-13.1.x86_64.rpm
0b76e2086edf2a71cfb0aaa11715d947 x86_64/python-tools-2.3.4-13.1.x86_64.rpm
e0890269685592a16cd771347cd57871 x86_64/python-docs-2.3.4-13.1.x86_64.rpm
70f8add857c4283df874f01dd66224bd x86_64/tkinter-2.3.4-13.1.x86_64.rpm
e9af58534ac3f24ff688dac8acd2b535 x86_64/debug/python-debuginfo-2.3.4-13.1.x86_64.rpm
fa6ad54679db113a253c0d0d00cb69c2 i386/python-2.3.4-13.1.i386.rpm
51d1be66c01c752e4c1b1709088336e0 i386/python-devel-2.3.4-13.1.i386.rpm
ed20dcab56bfe0d0a585eed7ff79cf5f i386/python-tools-2.3.4-13.1.i386.rpm
99596c5ae22b6d16cbb58517238472e9 i386/python-docs-2.3.4-13.1.i386.rpm
d51c2757c47afb79a7d634aad21cd717 i386/tkinter-2.3.4-13.1.i386.rpm
45c90d5c96730eb5abba820269bce3a3 i386/debug/python-debuginfo-2.3.4-13.1.i386.rpm
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.