Test ID:	1.3.6.1.4.1.25623.1.1.13.2018.124.01
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2018-124-01)
Summary:	The remote host is missing an update for the 'python' package(s) announced via the SSA:2018-124-01 advisory.
Description:	Summary: The remote host is missing an update for the 'python' package(s) announced via the SSA:2018-124-01 advisory. Vulnerability Insight: New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/python-2.7.15-i586-1_slack14.2.txz: Upgraded. Updated to the latest 2.7.x release. This fixes some security issues in difflib and poplib (regexes vulnerable to denial of service attacks), as well as security issues with the bundled expat library. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'python' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0876 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html BugTraq ID: 52379 http://www.securityfocus.com/bid/52379 Debian Security Information: DSA-2525 (Google Search) http://www.debian.org/security/2012/dsa-2525 http://www.mandriva.com/security/advisories?name=MDVSA-2012:041 http://bugs.python.org/issue13703#msg151870 http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html RedHat Security Advisories: RHSA-2012:0731 http://rhn.redhat.com/errata/RHSA-2012-0731.html RedHat Security Advisories: RHSA-2016:0062 http://rhn.redhat.com/errata/RHSA-2016-0062.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html http://secunia.com/advisories/49504 http://secunia.com/advisories/51024 http://secunia.com/advisories/51040 http://www.ubuntu.com/usn/USN-1527-1 http://www.ubuntu.com/usn/USN-1613-1 http://www.ubuntu.com/usn/USN-1613-2 Common Vulnerability Exposure (CVE) ID: CVE-2016-0718 1036348 http://www.securitytracker.com/id/1036348 1036415 http://www.securitytracker.com/id/1036415 1037705 http://www.securitytracker.com/id/1037705 20170227 CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6 http://seclists.org/fulldisclosure/2017/Feb/68 90729 http://www.securityfocus.com/bid/90729 APPLE-SA-2016-07-18-1 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html DSA-3582 http://www.debian.org/security/2016/dsa-3582 GLSA-201701-21 https://security.gentoo.org/glsa/201701-21 RHSA-2016:2824 http://rhn.redhat.com/errata/RHSA-2016-2824.html RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 SUSE-SU-2016:1508 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html SUSE-SU-2016:1512 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html USN-2983-1 http://www.ubuntu.com/usn/USN-2983-1 USN-3044-1 http://www.ubuntu.com/usn/USN-3044-1 [oss-security] 20160517 CVE-2016-0718: Expat XML Parser Crashes on Malformed Input http://www.openwall.com/lists/oss-security/2016/05/17/12 http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html http://support.eset.com/ca6333/ http://www.mozilla.org/security/announce/2016/mfsa2016-68.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://bugzilla.mozilla.org/show_bug.cgi?id=1236923 https://bugzilla.redhat.com/show_bug.cgi?id=1296102 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://source.android.com/security/bulletin/2016-11-01.html https://support.apple.com/HT206903 https://www.tenable.com/security/tns-2016-20 openSUSE-SU-2016:1441 http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html openSUSE-SU-2016:1523 http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html openSUSE-SU-2016:1964 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html openSUSE-SU-2016:2026 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4472 91528 http://www.securityfocus.com/bid/91528 USN-3013-1 http://www.ubuntu.com/usn/USN-3013-1 https://bugzilla.redhat.com/show_bug.cgi?id=1344251 https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde Common Vulnerability Exposure (CVE) ID: CVE-2016-5300 BugTraq ID: 91159 http://www.securityfocus.com/bid/91159 Debian Security Information: DSA-3597 (Google Search) http://www.debian.org/security/2016/dsa-3597 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E http://www.openwall.com/lists/oss-security/2016/06/04/4 http://www.openwall.com/lists/oss-security/2016/06/04/5 http://www.ubuntu.com/usn/USN-3010-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-9063 BugTraq ID: 94337 http://www.securityfocus.com/bid/94337 Debian Security Information: DSA-3898 (Google Search) https://www.debian.org/security/2017/dsa-3898 http://www.securitytracker.com/id/1037298 http://www.securitytracker.com/id/1039427 Common Vulnerability Exposure (CVE) ID: CVE-2017-9233 BugTraq ID: 99276 http://www.securityfocus.com/bid/99276 http://www.debian.org/security/2017/dsa-3898 http://www.openwall.com/lists/oss-security/2017/06/17/7 Common Vulnerability Exposure (CVE) ID: CVE-2018-1060 Debian Security Information: DSA-4306 (Google Search) https://www.debian.org/security/2018/dsa-4306 Debian Security Information: DSA-4307 (Google Search) https://www.debian.org/security/2018/dsa-4307 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/ https://www.oracle.com/security-alerts/cpujan2020.html https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html RedHat Security Advisories: RHBA-2019:0327 https://access.redhat.com/errata/RHBA-2019:0327 RedHat Security Advisories: RHSA-2018:3041 https://access.redhat.com/errata/RHSA-2018:3041 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:1260 RedHat Security Advisories: RHSA-2019:3725 https://access.redhat.com/errata/RHSA-2019:3725 http://www.securitytracker.com/id/1042001 SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://usn.ubuntu.com/3817-1/ https://usn.ubuntu.com/3817-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1061
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.