2011/devel/system/base/python - Fix the broken asyncore module that is open for re...
Serdar Dalgıç
paketler-commits at pardus.org.tr
Mon Nov 1 12:35:56 EET 2010
Author: sdalgic
Date: Mon Nov 1 12:35:55 2010
New Revision: 104079
Added:
2011/devel/system/base/python/files/Python-2.7-CVE-2010-3492.diff
2011/devel/system/base/python/files/Python-2.7-CVE-2010-3493.diff
Modified:
2011/devel/system/base/python/pspec.xml
Log:
- Fix the broken asyncore module that is open for remote attackers to conduct DoS (CVE-2010-3492) #14993
- Fix Multiple race conditions in smtpd.py (CVE-2010-3493), #14993
BUG:FIXED:14993
---
files/Python-2.7-CVE-2010-3492.diff | 194 ++++++++++++++++++++++++++++++++++++
files/Python-2.7-CVE-2010-3493.diff | 47 ++++++++
pspec.xml | 13 ++
3 files changed, 254 insertions(+)
Modified: 2011/devel/system/base/python/pspec.xml
=================================================================
--- 2011/devel/system/base/python/pspec.xml (original)
+++ 2011/devel/system/base/python/pspec.xml Mon Nov 1 12:35:55 2010
@@ -81,6 +81,11 @@
<Patch level="1">CVE-2009-3560.patch</Patch>
<Patch level="1">python-2.7-fix-parallel-make.patch</Patch>
+
+ <!-- DoS smtpd module vulnerability (CVE-2010-3493), #14993 -->
+ <Patch>Python-2.7-CVE-2010-3493.diff</Patch>
+ <!-- Broken asyncore module vulnerability (CVE-2010-3492), #14993 -->
+ <Patch level="1">Python-2.7-CVE-2010-3492.diff</Patch>
</Patches>
</Source>
@@ -172,6 +177,14 @@
</Package>
<History>
+ <Update release="66" type="security">
+ <Date>2010-11-01</Date>
+ <Version>2.7</Version>
+ <Comment>- Fix the broken asyncore module that is open for remote attackers to conduct DoS (CVE-2010-3492) #14993
+ - Fix Multiple race conditions in smtpd.py (CVE-2010-3493), #14993</Comment>
+ <Name>Serdar Dalgıç</Name>
+ <Email>serdar at pardus.org.tr</Email>
+ </Update>
<Update release="65">
<Date>2010-10-11</Date>
<Version>2.7</Version>
More information about the paketler-commits
mailing list