Skip to navigation

Security Advisory python security update

Advisory: RHSA-2005:108-05
Type: Security Advisory
Severity: Important
Issued on: 2005-02-15
Last updated on: 2005-02-15
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2005-0089

Details

Updated Python packages that fix several security issues are now available
for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team

Python is an interpreted, interactive, object-oriented programming language.

An object traversal bug was found in the Python SimpleXMLRPCServer. This
bug could allow a remote untrusted user to do unrestricted object traversal
and allow them to access or change function internals using the im_* and
func_* attributes. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0089 to this issue.

Users of Python are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 4)

IA-32:
python-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 2712b8f9d2912600d8f646d35f689996
python-devel-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: be88db797f56d1a501ed3732757b657d
python-docs-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 20a88af26a767018c87e39032552a57a
python-tools-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 05a2588346ef5950ae83b76f140cd029
tkinter-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 689f7fc46cf2e5e2107653f5f338f471
 
x86_64:
python-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: ba4668c9e17ec0a36950f84a6e4d6ed9
python-devel-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 51c6c2801c10e1ab406303446b2b2f11
python-docs-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 5f32fc6f75760f31ca259534af097eb2
python-tools-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: fdabec76f02d3616b5a540f0402c5237
tkinter-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 26bb9a58781a462848dc632bfd08eb81
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
python-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 2712b8f9d2912600d8f646d35f689996
python-devel-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: be88db797f56d1a501ed3732757b657d
python-docs-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 20a88af26a767018c87e39032552a57a
python-tools-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 05a2588346ef5950ae83b76f140cd029
tkinter-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 689f7fc46cf2e5e2107653f5f338f471
 
IA-64:
python-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 6ba1f92092692ce7dc000f2396444430
python-devel-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: f45375f74a80c5a541c5c6f8c511c6ed
python-docs-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: aea178005376626a739f9e9deb46d85e
python-tools-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 68884aa4b76210190f984b0a644b7bcc
tkinter-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 1182fdc4661ee0aaa6187a4adcf88309
 
PPC:
python-2.3.4-14.1.ppc.rpm
File outdated by:  RHSA-2011:0491
    MD5: ef9131d7daa839fb8b80051c0a248ec8
python-devel-2.3.4-14.1.ppc.rpm
File outdated by:  RHSA-2011:0491
    MD5: 974938aea5959d3b9d7dfe17bee28bc8
python-docs-2.3.4-14.1.ppc.rpm
File outdated by:  RHSA-2011:0491
    MD5: 29b6d4fc9a8e46a5dd4ea76eb0262ec5
python-tools-2.3.4-14.1.ppc.rpm
File outdated by:  RHSA-2011:0491
    MD5: ad59f7d118c70b89c522a28054df5abd
tkinter-2.3.4-14.1.ppc.rpm
File outdated by:  RHSA-2011:0491
    MD5: 85e2c0aec90cd30f2b6a0bb4f711f06e
 
s390:
python-2.3.4-14.1.s390.rpm
File outdated by:  RHSA-2011:0491
    MD5: c2c5d0e3a66dcfd17ebaffdadbb84d8a
python-devel-2.3.4-14.1.s390.rpm
File outdated by:  RHSA-2011:0491
    MD5: 1192f7711e7296bd55e407afe275dea2
python-docs-2.3.4-14.1.s390.rpm
File outdated by:  RHSA-2011:0491
    MD5: baaccfd176d523a9019befc6ca3e4546
python-tools-2.3.4-14.1.s390.rpm
File outdated by:  RHSA-2011:0491
    MD5: 757b1117779443567ae9f9ba5470397d
tkinter-2.3.4-14.1.s390.rpm
File outdated by:  RHSA-2011:0491
    MD5: 8ab54fcc6429685ca89a004255da2302
 
s390x:
python-2.3.4-14.1.s390x.rpm
File outdated by:  RHSA-2011:0491
    MD5: 7364a75ad005e960d90c68c26db1b9d6
python-devel-2.3.4-14.1.s390x.rpm
File outdated by:  RHSA-2011:0491
    MD5: 57ed41904fd90af8020cb2a12c6b9efa
python-docs-2.3.4-14.1.s390x.rpm
File outdated by:  RHSA-2011:0491
    MD5: 5c001929d0620a477310cfcc611b57bf
python-tools-2.3.4-14.1.s390x.rpm
File outdated by:  RHSA-2011:0491
    MD5: 4ec4346b001bd2b2568ac7b3d2fc18ba
tkinter-2.3.4-14.1.s390x.rpm
File outdated by:  RHSA-2011:0491
    MD5: cd2d59c73aa0dee5c8140b653b74792c
 
x86_64:
python-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: ba4668c9e17ec0a36950f84a6e4d6ed9
python-devel-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 51c6c2801c10e1ab406303446b2b2f11
python-docs-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 5f32fc6f75760f31ca259534af097eb2
python-tools-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: fdabec76f02d3616b5a540f0402c5237
tkinter-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 26bb9a58781a462848dc632bfd08eb81
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
python-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 2712b8f9d2912600d8f646d35f689996
python-devel-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: be88db797f56d1a501ed3732757b657d
python-docs-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 20a88af26a767018c87e39032552a57a
python-tools-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 05a2588346ef5950ae83b76f140cd029
tkinter-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 689f7fc46cf2e5e2107653f5f338f471
 
IA-64:
python-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 6ba1f92092692ce7dc000f2396444430
python-devel-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: f45375f74a80c5a541c5c6f8c511c6ed
python-docs-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: aea178005376626a739f9e9deb46d85e
python-tools-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 68884aa4b76210190f984b0a644b7bcc
tkinter-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 1182fdc4661ee0aaa6187a4adcf88309
 
x86_64:
python-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: ba4668c9e17ec0a36950f84a6e4d6ed9
python-devel-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 51c6c2801c10e1ab406303446b2b2f11
python-docs-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 5f32fc6f75760f31ca259534af097eb2
python-tools-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: fdabec76f02d3616b5a540f0402c5237
tkinter-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 26bb9a58781a462848dc632bfd08eb81
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
python-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 2712b8f9d2912600d8f646d35f689996
python-devel-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: be88db797f56d1a501ed3732757b657d
python-docs-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 20a88af26a767018c87e39032552a57a
python-tools-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 05a2588346ef5950ae83b76f140cd029
tkinter-2.3.4-14.1.i386.rpm
File outdated by:  RHSA-2011:0491
    MD5: 689f7fc46cf2e5e2107653f5f338f471
 
IA-64:
python-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 6ba1f92092692ce7dc000f2396444430
python-devel-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: f45375f74a80c5a541c5c6f8c511c6ed
python-docs-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: aea178005376626a739f9e9deb46d85e
python-tools-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 68884aa4b76210190f984b0a644b7bcc
tkinter-2.3.4-14.1.ia64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 1182fdc4661ee0aaa6187a4adcf88309
 
x86_64:
python-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: ba4668c9e17ec0a36950f84a6e4d6ed9
python-devel-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 51c6c2801c10e1ab406303446b2b2f11
python-docs-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 5f32fc6f75760f31ca259534af097eb2
python-tools-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: fdabec76f02d3616b5a540f0402c5237
tkinter-2.3.4-14.1.x86_64.rpm
File outdated by:  RHSA-2011:0491
    MD5: 26bb9a58781a462848dc632bfd08eb81
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

146649 - CAN-2005-0089 python SimpleXMLRPCServer security issue


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/