Test ID:	1.3.6.1.4.1.25623.1.0.122760
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2015-2101)
Summary:	The remote host is missing an update for the 'python' package(s) announced via the ELSA-2015-2101 advisory.
Description:	Summary: The remote host is missing an update for the 'python' package(s) announced via the ELSA-2015-2101 advisory. Vulnerability Insight: [2.7.5-34.0.1] - Add Oracle Linux distribution in platform.py [orabug 20812544] [2.7.5-34] - Revert fix for rhbz#1117751 as it leads to regressions Resolves: rhbz#1117751 [2.7.5-33] - Only restore SIG_PIPE when Popen called with restore_sigpipe Resolves: rhbz#1117751 [2.7.5-32] - Backport SSLSocket.version function - Temporary disable test_gdb on ppc64le rhbz#1260558 Resolves: rhbz#1259421 [2.7.5-31] - Update load_cert_chain function to accept None keyfile Resolves: rhbz#1250611 [2.7.5-30] - Change Patch224 according to latest update in PEP493 Resolves:rhbz#1219108 [2.7.5-29] - Popen shouldn't ignore SIG_PIPE Resolves: rhbz#1117751 [2.7.5-28] - Exclude python subprocess temp files from cleaning Resolves: rhbz#1058482 [2.7.5-27] - Add list for cprofile sort option Resolves:rhbz#1237107 [2.7.5-26] - Add switch to toggle cert verification on or off globally Resolves:rhbz#1219108 [2.7.5-25] - PEP476 enable cert verifications by default Resolves:rhbz#1219110 [2.7.5-24] - Massive backport of ssl module from python3 aka PEP466 Resolves: rhbz#1111461 [2.7.5-23] - Fixed CVE-2013-1753, CVE-2013-1752, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185 Resolves: rhbz#1206574 [2.7.5-22] - Fix importing readline producing erroneous output Resolves: rhbz#1189301 [2.7.5-21] - Add missing import in bdist_rpm Resolves: rhbz#1177613 [2.7.5-20] - Avoid double close of subprocess pipes Resolves: rhbz#1103452 [2.7.5-19] - make multiprocessing ignore EINTR Resolves: rhbz#1181624 Affected Software/OS: 'python' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-1752 Common Vulnerability Exposure (CVE) ID: CVE-2013-1753 Common Vulnerability Exposure (CVE) ID: CVE-2014-4616 BugTraq ID: 68119 http://www.securityfocus.com/bid/68119 https://security.gentoo.org/glsa/201503-10 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395 https://hackerone.com/reports/12297 http://openwall.com/lists/oss-security/2014/06/24/7 RedHat Security Advisories: RHSA-2015:1064 http://rhn.redhat.com/errata/RHSA-2015-1064.html SuSE Security Announcement: openSUSE-SU-2014:0890 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4650 http://bugs.python.org/issue21766 http://openwall.com/lists/oss-security/2014/06/26/3 RedHat Security Advisories: Red Hat https://access.redhat.com/security/cve/cve-2014-4650 Common Vulnerability Exposure (CVE) ID: CVE-2014-7185 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 70089 http://www.securityfocus.com/bid/70089 http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html http://www.openwall.com/lists/oss-security/2014/09/23/5 http://www.openwall.com/lists/oss-security/2014/09/25/47 RedHat Security Advisories: RHSA-2015:1330 http://rhn.redhat.com/errata/RHSA-2015-1330.html SuSE Security Announcement: openSUSE-SU-2014:1292 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html XForce ISS Database: python-bufferobject-overflow(96193) https://exchange.xforce.ibmcloud.com/vulnerabilities/96193
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.