Security Advisory Moderate: python security, bug fix, and enhancement update

Advisory: RHSA-2013:1582-2
Type: Security Advisory
Severity: Moderate
Issued on: 2013-11-21
Last updated on: 2013-11-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2013-4238

Details

Updated python packages that fix one security issue, several bugs, and add
one enhancement are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Python is an interpreted, interactive, object-oriented programming
language.

A flaw was found in the way the Python SSL module handled X.509 certificate
fields that contain a NULL byte. An attacker could potentially exploit this
flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that
to exploit this issue, an attacker would need to obtain a carefully crafted
certificate signed by an authority that the client trusts. (CVE-2013-4238)
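
The check below is an added example, not part of the advisory or of the
python packages. It inspects a certificate dictionary shaped like the
return value of ssl.SSLSocket.getpeercert() and rejects any commonName or
subjectAltName DNS entry that carries an embedded NUL byte. The function
names and both sample certificates are constructed for illustration, and
matching is exact (no wildcard handling).

```python
# Added example. CLEAN and CRAFTED are constructed samples shaped like the
# dict returned by ssl.SSLSocket.getpeercert(); names use reserved domains.
CLEAN = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"),),
}
CRAFTED = {
    "subject": ((("commonName", "www.example.com\x00.other.example"),),),
    "subjectAltName": (("DNS", "www.example.com\x00.other.example"),),
}


def cert_dns_names(cert):
    """Collect subjectAltName DNS entries and subject commonName values."""
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    for rdn in cert.get("subject", ()):
        names.extend(v for k, v in rdn if k == "commonName")
    return names


def nul_terminated_view(name):
    """What code treating the field as a NUL-terminated string would read."""
    return name.split("\x00", 1)[0]


def audit_cert(cert, expected_host):
    """Return (ok, findings); any embedded NUL fails the whole certificate."""
    findings, matched = [], False
    for name in cert_dns_names(cert):
        if "\x00" in name:
            findings.append((name, nul_terminated_view(name)))
        elif name.lower() == expected_host.lower():
            matched = True
    return (matched and not findings), findings


if __name__ == "__main__":
    for label, cert in (("clean", CLEAN), ("crafted", CRAFTED)):
        ok, findings = audit_cert(cert, "www.example.com")
        print(label, "accepted" if ok else "rejected")
        for full, seen in findings:
            print("  signed name %r reads as %r when cut at NUL" % (full, seen))
```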

These updated python packages include numerous bug fixes and one
enhancement. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical
Notes, linked to in the References, for information on the most significant
of these changes.

All users of python are advised to upgrade to these updated packages, which
fix these issues and add this enhancement.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
python-2.6.6-51.el6.src.rpm
File outdated by:  RHBA-2014:0085
 
IA-32:
python-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
 
x86_64:
python-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
python-2.6.6-51.el6.src.rpm
File outdated by:  RHBA-2014:0085
 
x86_64:
python-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
python-2.6.6-51.el6.src.rpm
File outdated by:  RHBA-2014:0085
 
IA-32:
python-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
 
PPC:
python-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.ppc64.rpm
File outdated by:  RHBA-2014:0085
 
s390x:
python-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.s390x.rpm
File outdated by:  RHBA-2014:0085
 
x86_64:
python-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
python-2.6.6-51.el6.src.rpm
File outdated by:  RHBA-2014:0085
 
IA-32:
python-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.i686.rpm
File outdated by:  RHBA-2014:0085
 
x86_64:
python-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-debuginfo-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-devel-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-libs-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-test-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
python-tools-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
tkinter-2.6.6-51.el6.x86_64.rpm
File outdated by:  RHBA-2014:0085
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

521898 - Fix instances of #!/usr/bin/env python in python-tools
841937 - RHEL 6 installation fails when Turkish language is selected
845802 - python prepends UTF-8 BOM syslog messages - causes messages to be treated as EMERG level
893034 - yum traceback with python-2.6.6-29.el6_2.2 and higher + missing /dev/urandom
919163 - python logging problem - when rotating to new log file, logger checks file's stat when the file does not exist
928390 - Python SSLSocket.getpeercert() incorrectly returns an empty Subject Alternative Name from peer certificate.
948025 - SocketServer doesn't handle syscall interruption
958868 - Downstream added "timeout=None" keyword argument causes regression in eventlet
960168 - failed incoming SSL connection stays open
978129 - Please consider to backport patch: issue9374 urlparse should parse query and fragment for arbitrary schemes
996381 - CVE-2013-4238 python: hostname check bypassing vulnerability in SSL module


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/