An Updated mod_python package that fixes a security issue in the publisher
handler is now available.
Mod_python is a module that embeds the Python language interpreter within
the Apache web server, allowing handlers to be written in Python.
Graham Dumpleton discovered a flaw affecting the publisher handler of
mod_python, used to make objects inside modules callable via URL.
A remote user could visit a carefully crafted URL that would gain access to
objects that should not be visible, leading to an information leak. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0088 to this issue.
Users of mod_python are advised to upgrade to this updated package,
which contains a backported patch to correct this issue.
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
| Red Hat Desktop (v. 3) |
|
| SRPMS: |
| mod_python-3.0.3-5.ent.src.rpm |
d1cb5d2b6e13fc10998d481716b32097 |
| |
| IA-32: |
| mod_python-3.0.3-5.ent.i386.rpm |
d8cc1605bb68dddd5c51a4300600a16a |
| |
| x86_64: |
| mod_python-3.0.3-5.ent.x86_64.rpm |
781ce623934b25860708c3989d0d8d22 |
| |
| Red Hat Enterprise Linux AS (v. 2.1) |
|
| SRPMS: |
| mod_python-2.7.8-3.1.src.rpm |
50b86b5d12fb752e233d06bbf27e25e4 |
| |
| IA-32: |
| mod_python-2.7.8-3.1.i386.rpm |
b51bdac75600cd7c80060334ce5373f2 |
| |
| IA-64: |
| mod_python-2.7.8-3.1.ia64.rpm |
f6645270af7c98323e7779ac1be4501b |
| |
| Red Hat Enterprise Linux AS (v. 3) |
|
| SRPMS: |
| mod_python-3.0.3-5.ent.src.rpm |
d1cb5d2b6e13fc10998d481716b32097 |
| |
| IA-32: |
| mod_python-3.0.3-5.ent.i386.rpm |
d8cc1605bb68dddd5c51a4300600a16a |
| |
| IA-64: |
| mod_python-3.0.3-5.ent.ia64.rpm |
2c09223945087dd8948b2b3c4dfe3f01 |
| |
| PPC: |
| mod_python-3.0.3-5.ent.ppc.rpm |
b02b5f309e8b1791b5ce1fe2543541c0 |
| |
| s390: |
| mod_python-3.0.3-5.ent.s390.rpm |
95c7d6c8747e8b04bb8dcc5678c4d465 |
| |
| s390x: |
| mod_python-3.0.3-5.ent.s390x.rpm |
bee109211e88d46749152476a17f94c3 |
| |
| x86_64: |
| mod_python-3.0.3-5.ent.x86_64.rpm |
781ce623934b25860708c3989d0d8d22 |
| |
| Red Hat Enterprise Linux ES (v. 2.1) |
|
| SRPMS: |
| mod_python-2.7.8-3.1.src.rpm |
50b86b5d12fb752e233d06bbf27e25e4 |
| |
| IA-32: |
| mod_python-2.7.8-3.1.i386.rpm |
b51bdac75600cd7c80060334ce5373f2 |
| |
| Red Hat Enterprise Linux ES (v. 3) |
|
| SRPMS: |
| mod_python-3.0.3-5.ent.src.rpm |
d1cb5d2b6e13fc10998d481716b32097 |
| |
| IA-32: |
| mod_python-3.0.3-5.ent.i386.rpm |
d8cc1605bb68dddd5c51a4300600a16a |
| |
| IA-64: |
| mod_python-3.0.3-5.ent.ia64.rpm |
2c09223945087dd8948b2b3c4dfe3f01 |
| |
| x86_64: |
| mod_python-3.0.3-5.ent.x86_64.rpm |
781ce623934b25860708c3989d0d8d22 |
| |
| Red Hat Enterprise Linux WS (v. 2.1) |
|
| SRPMS: |
| mod_python-2.7.8-3.1.src.rpm |
50b86b5d12fb752e233d06bbf27e25e4 |
| |
| IA-32: |
| mod_python-2.7.8-3.1.i386.rpm |
b51bdac75600cd7c80060334ce5373f2 |
| |
| Red Hat Enterprise Linux WS (v. 3) |
|
| SRPMS: |
| mod_python-3.0.3-5.ent.src.rpm |
d1cb5d2b6e13fc10998d481716b32097 |
| |
| IA-32: |
| mod_python-3.0.3-5.ent.i386.rpm |
d8cc1605bb68dddd5c51a4300600a16a |
| |
| IA-64: |
| mod_python-3.0.3-5.ent.ia64.rpm |
2c09223945087dd8948b2b3c4dfe3f01 |
| |
| x86_64: |
| mod_python-3.0.3-5.ent.x86_64.rpm |
781ce623934b25860708c3989d0d8d22 |
| |
| Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor |
|
| SRPMS: |
| mod_python-2.7.8-3.1.src.rpm |
50b86b5d12fb752e233d06bbf27e25e4 |
| |
| IA-64: |
| mod_python-2.7.8-3.1.ia64.rpm |
f6645270af7c98323e7779ac1be4501b |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
146655 - CAN-2005-0088 mod_python information leak
mod_python security update