Skip to navigation

Security Advisory Moderate: python security update

Advisory: RHSA-2012:0744-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-06-18
Last updated on: 2012-06-18
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-4940
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150

Details

Updated python packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Python is an interpreted, interactive, object-oriented programming
language.

A denial of service flaw was found in the implementation of associative
arrays (dictionaries) in Python. An attacker able to supply a large number
of inputs to a Python application (such as HTTP POST request parameters
sent to a web application) that are used as keys when inserting data into
an array could trigger multiple hash function collisions, making array
operations take an excessive amount of CPU time. To mitigate this issue,
randomization has been added to the hash function to reduce the chance of
an attacker successfully causing intentional collisions. (CVE-2012-1150)

Note: The hash randomization is not enabled by default as it may break
applications that incorrectly depend on dictionary ordering. To enable the
protection, the new "PYTHONHASHSEED" environment variable or the Python
interpreter's "-R" command line option can be used. Refer to the python(1)
manual page for details.

The RHSA-2012:0731 expat erratum must be installed with this update, which
adds hash randomization to the Expat library used by the Python pyexpat
module.

A flaw was found in the way the Python SimpleXMLRPCServer module handled
clients disconnecting prematurely. A remote attacker could use this flaw to
cause excessive CPU consumption on a server using SimpleXMLRPCServer.
(CVE-2012-0845)

A flaw was found in the way the Python SimpleHTTPServer module generated
directory listings. An attacker able to upload a file with a
specially-crafted name to a server could possibly perform a cross-site
scripting (XSS) attack against victims visiting a listing page generated by
SimpleHTTPServer, for a directory containing the crafted file (if the
victims were using certain web browsers). (CVE-2011-4940)

A race condition was found in the way the Python distutils module set file
permissions during the creation of the .pypirc file. If a local user had
access to the home directory of another user who is running distutils, they
could use this flaw to gain access to that user's .pypirc file, which can
contain usernames and passwords for code repositories. (CVE-2011-4944)

Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT
acknowledges Julian Wälde and Alexander Klink as the original reporters of
CVE-2012-1150.

All Python users should upgrade to these updated packages, which contain
backported patches to correct these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
IA-32:
python-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 334cb077087c56a6b7077ca891cab72a
SHA-256: 9da4f2ad3208a0059236143b636a8ac5d0db0d81d3a2d7965ce113c313bfc4ce
python-debuginfo-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: ffde1c100d738e9cd030e62aa4a3a940
SHA-256: d24d62c95a2e9bf4f7f965286e905fa3f37f929080f407c940e8278f1fa4f08a
python-devel-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9c0d23e41f943c71732ebe620ef2154
SHA-256: be1f4034b4ca0acdd5a6c82a71ee70ced4fb5638e18b0d397f67267de821526c
python-libs-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: adbc96afb7f3a95be8117b34b5b7a845
SHA-256: 2d14e9d4b67081f7f5ec4b89c0273dfb4ff356d487e751f50ec494c62a99b902
python-test-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 435826f30001edf389e59781bac75686
SHA-256: bec8e52f745b38afd3e2b252231269c51a5818d141baa6cfdc64a15b575db344
python-tools-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 2c8c48dc95d53df421a0f3ba75b3a598
SHA-256: 89e5c19835c17ac217b3c0bfaa96ec84a781151b558998141a4e7ebdf73e8be8
tkinter-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d717a1606db67f89f176bbd2dbf83476
SHA-256: 59627c3476418d478aed6b2283de0dd07508089ff0ff6c8bda49eec41bd84b0f
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2012:1250
    MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
IA-32:
python-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 334cb077087c56a6b7077ca891cab72a
SHA-256: 9da4f2ad3208a0059236143b636a8ac5d0db0d81d3a2d7965ce113c313bfc4ce
python-debuginfo-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: ffde1c100d738e9cd030e62aa4a3a940
SHA-256: d24d62c95a2e9bf4f7f965286e905fa3f37f929080f407c940e8278f1fa4f08a
python-devel-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9c0d23e41f943c71732ebe620ef2154
SHA-256: be1f4034b4ca0acdd5a6c82a71ee70ced4fb5638e18b0d397f67267de821526c
python-libs-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: adbc96afb7f3a95be8117b34b5b7a845
SHA-256: 2d14e9d4b67081f7f5ec4b89c0273dfb4ff356d487e751f50ec494c62a99b902
python-test-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 435826f30001edf389e59781bac75686
SHA-256: bec8e52f745b38afd3e2b252231269c51a5818d141baa6cfdc64a15b575db344
python-tools-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 2c8c48dc95d53df421a0f3ba75b3a598
SHA-256: 89e5c19835c17ac217b3c0bfaa96ec84a781151b558998141a4e7ebdf73e8be8
tkinter-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d717a1606db67f89f176bbd2dbf83476
SHA-256: 59627c3476418d478aed6b2283de0dd07508089ff0ff6c8bda49eec41bd84b0f
 
PPC:
python-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: eb743ac3ab3b641b144105f666cd1b28
SHA-256: 9a9a3ce181f869eac79479a1bb34ff33561838e157121df9e66d4ad43271bdc0
python-debuginfo-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: c90bbfe4f6da7e0171ffe04de5af0a7c
SHA-256: 25564aa3fa85a28e33827adc3775f64cfe4e80e1f3ee1b752e0d46246506cad4
python-devel-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 1cc987be7f47c758e35bffa8bdf542bf
SHA-256: a5bf009deb4693f3b726a0b40ba649cbdd23a2ac217130253af1fabb96d6e1f1
python-libs-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: d7b457f1735d1a43668ffaf7994550de
SHA-256: c82576d2d45052124ddacb92fbe57e3a56da821fb267d721c89737ff3e1ae28c
python-test-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 2602f12d9e7dce25669b6292b7484128
SHA-256: 13301bb8fb8f813f2ae264017f805d25c6c04606e423ad1641e568a61ddde4d8
python-tools-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: e9903839504312db4c1a740b27a81912
SHA-256: ae4175f850a1ddd1d23f72f32498ee85531431813f1ade7a10810519de3693e0
tkinter-2.6.6-29.el6_2.2.ppc64.rpm
File outdated by:  RHBA-2014:0085
    MD5: bfa3d41c591f32ef4f137bd98c145ed1
SHA-256: 4be22fb6180f17dcf5b6fd84aa00f1cf789f2649e9577d3b9cdcb34a86edbaba
 
s390x:
python-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: fea64241642ddbf8176f6e77c26a7dad
SHA-256: 8239e543b013fb4e914548d6ee5a12c06ff6fad23cd39108f53c426b4e1814ef
python-debuginfo-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 7a60be74b53783a95bba2a6947a472a2
SHA-256: 18d0330c57f5ff675a48dee14a15e3b8ddb9b78d4b49d8cbfb111b5d32269ab8
python-devel-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 674761f85a5b177976105c152d25a5e4
SHA-256: a19f47acec5442302e291ce6e49b8ac9411fca4b5b4330be3ad51bcf3d589692
python-libs-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 5d5a322e3c10d44fdc1af3f5916a7fe9
SHA-256: 3720689fa35e42fae031dfaf9065c4385bdadaab6167136c9cdb25a3d1077f6b
python-test-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 6a1fdc87e1b4ac4b33de6a49743f0e97
SHA-256: f3b7b8abc82868b8224e78fdee59b17bc9f5e0d739cc7c5500350d2724590916
python-tools-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 77e9ed83c583f7936440c5b21ba1a0e5
SHA-256: 5df3a6a6500b7e8d31e10e290a3329ecb1dd3ef9e6e90aba3dcc758b7c9f37bb
tkinter-2.6.6-29.el6_2.2.s390x.rpm
File outdated by:  RHBA-2014:0085
    MD5: 838385908b60bab8dca2d9560fc5697f
SHA-256: b489685fe8ac83d45547b47992097dce91ac79bd473ea66ef8d5525f38d3cef6
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm     MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm     MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
IA-32:
python-2.6.6-29.el6_2.2.i686.rpm     MD5: 334cb077087c56a6b7077ca891cab72a
SHA-256: 9da4f2ad3208a0059236143b636a8ac5d0db0d81d3a2d7965ce113c313bfc4ce
python-debuginfo-2.6.6-29.el6_2.2.i686.rpm     MD5: ffde1c100d738e9cd030e62aa4a3a940
SHA-256: d24d62c95a2e9bf4f7f965286e905fa3f37f929080f407c940e8278f1fa4f08a
python-devel-2.6.6-29.el6_2.2.i686.rpm     MD5: d9c0d23e41f943c71732ebe620ef2154
SHA-256: be1f4034b4ca0acdd5a6c82a71ee70ced4fb5638e18b0d397f67267de821526c
python-libs-2.6.6-29.el6_2.2.i686.rpm     MD5: adbc96afb7f3a95be8117b34b5b7a845
SHA-256: 2d14e9d4b67081f7f5ec4b89c0273dfb4ff356d487e751f50ec494c62a99b902
python-test-2.6.6-29.el6_2.2.i686.rpm     MD5: 435826f30001edf389e59781bac75686
SHA-256: bec8e52f745b38afd3e2b252231269c51a5818d141baa6cfdc64a15b575db344
python-tools-2.6.6-29.el6_2.2.i686.rpm     MD5: 2c8c48dc95d53df421a0f3ba75b3a598
SHA-256: 89e5c19835c17ac217b3c0bfaa96ec84a781151b558998141a4e7ebdf73e8be8
tkinter-2.6.6-29.el6_2.2.i686.rpm     MD5: d717a1606db67f89f176bbd2dbf83476
SHA-256: 59627c3476418d478aed6b2283de0dd07508089ff0ff6c8bda49eec41bd84b0f
 
PPC:
python-2.6.6-29.el6_2.2.ppc64.rpm     MD5: eb743ac3ab3b641b144105f666cd1b28
SHA-256: 9a9a3ce181f869eac79479a1bb34ff33561838e157121df9e66d4ad43271bdc0
python-debuginfo-2.6.6-29.el6_2.2.ppc64.rpm     MD5: c90bbfe4f6da7e0171ffe04de5af0a7c
SHA-256: 25564aa3fa85a28e33827adc3775f64cfe4e80e1f3ee1b752e0d46246506cad4
python-devel-2.6.6-29.el6_2.2.ppc64.rpm     MD5: 1cc987be7f47c758e35bffa8bdf542bf
SHA-256: a5bf009deb4693f3b726a0b40ba649cbdd23a2ac217130253af1fabb96d6e1f1
python-libs-2.6.6-29.el6_2.2.ppc64.rpm     MD5: d7b457f1735d1a43668ffaf7994550de
SHA-256: c82576d2d45052124ddacb92fbe57e3a56da821fb267d721c89737ff3e1ae28c
python-test-2.6.6-29.el6_2.2.ppc64.rpm     MD5: 2602f12d9e7dce25669b6292b7484128
SHA-256: 13301bb8fb8f813f2ae264017f805d25c6c04606e423ad1641e568a61ddde4d8
python-tools-2.6.6-29.el6_2.2.ppc64.rpm     MD5: e9903839504312db4c1a740b27a81912
SHA-256: ae4175f850a1ddd1d23f72f32498ee85531431813f1ade7a10810519de3693e0
tkinter-2.6.6-29.el6_2.2.ppc64.rpm     MD5: bfa3d41c591f32ef4f137bd98c145ed1
SHA-256: 4be22fb6180f17dcf5b6fd84aa00f1cf789f2649e9577d3b9cdcb34a86edbaba
 
s390x:
python-2.6.6-29.el6_2.2.s390x.rpm     MD5: fea64241642ddbf8176f6e77c26a7dad
SHA-256: 8239e543b013fb4e914548d6ee5a12c06ff6fad23cd39108f53c426b4e1814ef
python-debuginfo-2.6.6-29.el6_2.2.s390x.rpm     MD5: 7a60be74b53783a95bba2a6947a472a2
SHA-256: 18d0330c57f5ff675a48dee14a15e3b8ddb9b78d4b49d8cbfb111b5d32269ab8
python-devel-2.6.6-29.el6_2.2.s390x.rpm     MD5: 674761f85a5b177976105c152d25a5e4
SHA-256: a19f47acec5442302e291ce6e49b8ac9411fca4b5b4330be3ad51bcf3d589692
python-libs-2.6.6-29.el6_2.2.s390x.rpm     MD5: 5d5a322e3c10d44fdc1af3f5916a7fe9
SHA-256: 3720689fa35e42fae031dfaf9065c4385bdadaab6167136c9cdb25a3d1077f6b
python-test-2.6.6-29.el6_2.2.s390x.rpm     MD5: 6a1fdc87e1b4ac4b33de6a49743f0e97
SHA-256: f3b7b8abc82868b8224e78fdee59b17bc9f5e0d739cc7c5500350d2724590916
python-tools-2.6.6-29.el6_2.2.s390x.rpm     MD5: 77e9ed83c583f7936440c5b21ba1a0e5
SHA-256: 5df3a6a6500b7e8d31e10e290a3329ecb1dd3ef9e6e90aba3dcc758b7c9f37bb
tkinter-2.6.6-29.el6_2.2.s390x.rpm     MD5: 838385908b60bab8dca2d9560fc5697f
SHA-256: b489685fe8ac83d45547b47992097dce91ac79bd473ea66ef8d5525f38d3cef6
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm     MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm     MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm     MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
python-2.6.6-29.el6_2.2.src.rpm
File outdated by:  RHBA-2014:0085
    MD5: c5fdeace88c01affb34a502e23ff5699
SHA-256: 8522356fe5a801bbc238ef37f364e28e884d2723152de9b1ebd17ad55ccb4b7a
 
IA-32:
python-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 334cb077087c56a6b7077ca891cab72a
SHA-256: 9da4f2ad3208a0059236143b636a8ac5d0db0d81d3a2d7965ce113c313bfc4ce
python-debuginfo-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: ffde1c100d738e9cd030e62aa4a3a940
SHA-256: d24d62c95a2e9bf4f7f965286e905fa3f37f929080f407c940e8278f1fa4f08a
python-devel-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9c0d23e41f943c71732ebe620ef2154
SHA-256: be1f4034b4ca0acdd5a6c82a71ee70ced4fb5638e18b0d397f67267de821526c
python-libs-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: adbc96afb7f3a95be8117b34b5b7a845
SHA-256: 2d14e9d4b67081f7f5ec4b89c0273dfb4ff356d487e751f50ec494c62a99b902
python-test-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 435826f30001edf389e59781bac75686
SHA-256: bec8e52f745b38afd3e2b252231269c51a5818d141baa6cfdc64a15b575db344
python-tools-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: 2c8c48dc95d53df421a0f3ba75b3a598
SHA-256: 89e5c19835c17ac217b3c0bfaa96ec84a781151b558998141a4e7ebdf73e8be8
tkinter-2.6.6-29.el6_2.2.i686.rpm
File outdated by:  RHBA-2014:0085
    MD5: d717a1606db67f89f176bbd2dbf83476
SHA-256: 59627c3476418d478aed6b2283de0dd07508089ff0ff6c8bda49eec41bd84b0f
 
x86_64:
python-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 34555f7f481422bbc28e9b52f662c9b4
SHA-256: ef8789f5be2cacfb97d65f17948d872fef97a08c52d0cf83e91d2ea291de50c1
python-debuginfo-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 402e0d3f49634c78b0b303cadfeb7617
SHA-256: f2859acd2b35ebab015e193f594464a35211202d3477e022ffde75e5d6a3640d
python-devel-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 94d92edcc00dff7475c724a01e0aba8c
SHA-256: b2382f76ad120416a12c0d3bd70486a75b53754ea9a4f8efb2209cdb1929d8f5
python-libs-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 094f8667c277661502602a6542fe303d
SHA-256: de78b84fe705c0b63ebaa8bfe07722fa0cca7f50087dd561b2da3bca846bc6b9
python-test-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: d9b3a1ac65cd35bed60255d59174061b
SHA-256: 699314cdcc895c0332fc8daee6d17ff2352151cf3b51a0c683f966ff54ed89e8
python-tools-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: b48998a5e86da25434b6a3c580b147c9
SHA-256: 388891666c1d3a8af17dfefba5f26db0e07d88afa6c6b5946c8cfb2a20703e0e
tkinter-2.6.6-29.el6_2.2.x86_64.rpm
File outdated by:  RHBA-2014:0085
    MD5: 5f82c886a4a5bc368e1163379790754c
SHA-256: 572d449936391387c35aef0b2efd33adcb7086be20919ceaeed474f20e64bf4a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

750555 - CVE-2012-1150 python: hash table collisions CPU usage DoS (oCERT-2011-003)
758905 - CVE-2011-4944 python: distutils creates ~/.pypirc insecurely
789790 - CVE-2012-0845 python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
803500 - CVE-2011-4940 python: potential XSS in SimpleHTTPServer's list_directory()


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/