[SSA:2017-266-02] python
New python packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog
patches/packages/python-2.7.14-i586-1_slack14.2.txz: Upgraded.
Updated to the latest 2.7.x release.
This fixes some security issues related to the bundled expat library.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
(* Security fix *)
Where to find the new packages
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/python-2.7.14-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/python-2.7.14-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/python-2.7.14-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/python-2.7.14-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/python-2.7.14-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/python-2.7.14-x86_64-1_slack14.2.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/python-2.7.14-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/python-2.7.14-x86_64-1.txz
MD5 signatures
Slackware 14.0 package:
9d70703b48f3c7965ddc8b1327523df5 python-2.7.14-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
f01272718080952b48ba77d41e7fa3d1 python-2.7.14-x86_64-1_slack14.0.txz
Slackware 14.1 package:
280cbdcb6405cb41ab9946d248265232 python-2.7.14-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
87a9b0e9b74d7c6881c8a60767ee787c python-2.7.14-x86_64-1_slack14.1.txz
Slackware 14.2 package:
60efb0be0d51a43bb521989b591925d1 python-2.7.14-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
8e3e9b242ac0afb6cfdac9c631b938fb python-2.7.14-x86_64-1_slack14.2.txz
Slackware -current package:
0a370c195295cb937c7756846266373c d/python-2.7.14-i586-1.txz
Slackware x86_64 -current package:
e67b2e27b293a45f3685be152e784772 d/python-2.7.14-x86_64-1.txz
Installation instructions
Upgrade the package as root:
# upgradepkg python-2.7.14-i586-1_slack14.2.txz
- ID
- SSA:2017-266-02
- Severity
- critical
- Severity from
- CVE-2016-0718
- URL
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2017&m=slackware-security.436421
- Published
-
2017-09-23T06:33:04
(7 years ago) - Modified
-
2017-09-23T06:33:04
(7 years ago) - Rights
- Slackware Linux Security Team
- Other Advisories
-
- ALAS-2016-775
- ALPINE:CVE-2016-0718
- ALPINE:CVE-2016-4472
- ALPINE:CVE-2017-9233
- ASA-201611-16
- ASA-201706-32
- ASA-201707-27
- DSA-3582-1
- DSA-3898-1
- ELSA-2016-2824
- FEDORA-2016-0fd6ca526a
- FEDORA-2016-60889583ab
- FEDORA-2016-7c6e7a9265
- FEDORA-2017-18601ad5d2
- FEDORA-2017-2c5635cd97
- FEDORA-2017-a44f9aa38b
- FREEBSD:57B3ABA7-1E25-11E6-8DD3-002590263BF5
- FREEBSD:8719B935-8BAE-41AD-92BA-3C826F651219
- FREEBSD:9164F51E-AE20-11E7-A633-009C02A2AB30
- FREEBSD:AA1AEFE3-6E37-47DB-BFDA-343EF4ACB1B5
- FREEBSD:D1853110-07F4-4645-895B-6FD462AD0589
- FREEBSD:E375FF3F-7FEC-11E8-8088-28D244AEE256
- FREEBSD:FF76F0E0-3F11-11E6-B3C8-14DAE9D210B8
- GLSA-201701-21
- MFSA-2016-89
- RHSA-2016:2824
- SSA:2016-359-01
- SSA:2017-199-01
- SSA:2018-124-01
- SUSE-SU-2016:1508-1
- SUSE-SU-2016:1512-1
- SUSE-SU-2017:2299-1
- SUSE-SU-2017:2375-1
- SUSE-SU-2017:2699-1
- SUSE-SU-2017:2700-1
- SUSE-SU-2019:2872-1
- SUSE-SU-2020:0497-1
- USN-2983-1
- USN-3013-1
- USN-3044-1
- USN-3124-1
- USN-3356-1
- USN-3356-2
- USN-4825-1
- USN-5455-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:slackbuild/slackware/python?arch=x86_64&distro=slackware64-current | slackware | python | < 2.7.14 | slackware64-current | x86_64 | |
Affected | pkg:slackbuild/slackware/python?arch=x86_64&distro=slackware64-14.2 | slackware | python | < 2.7.14 | slackware64-14.2 | x86_64 | |
Affected | pkg:slackbuild/slackware/python?arch=x86_64&distro=slackware64-14.1 | slackware | python | < 2.7.14 | slackware64-14.1 | x86_64 | |
Affected | pkg:slackbuild/slackware/python?arch=x86_64&distro=slackware64-14.0 | slackware | python | < 2.7.14 | slackware64-14.0 | x86_64 | |
Affected | pkg:slackbuild/slackware/python?arch=i586&distro=slackware-current | slackware | python | < 2.7.14 | slackware-current | i586 | |
Affected | pkg:slackbuild/slackware/python?arch=i586&distro=slackware-14.2 | slackware | python | < 2.7.14 | slackware-14.2 | i586 | |
Affected | pkg:slackbuild/slackware/python?arch=i486&distro=slackware-14.1 | slackware | python | < 2.7.14 | slackware-14.1 | i486 | |
Affected | pkg:slackbuild/slackware/python?arch=i486&distro=slackware-14.0 | slackware | python | < 2.7.14 | slackware-14.0 | i486 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |