ClickCease CentOS 6 ELS: python package gradual rollout completed - TuxCare

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

CentOS 6 ELS: python package gradual rollout completed

October 5, 2021 - TuxCare PR Team

A new updated python package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

Errata: https://errata.cloudlinux.com/els6/CLSA-2021-1632401716.html


CHANGELOG

python-2.6.6-70.el6.cloudlinux.els

  • Fix prefix dot in domain for proper subdomain validation (CVE-2018-20852)
  • Fix allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client (CVE-2020-8492)
  • Fix http.client allows CRLF injection if the attacker controls the HTTP request method (CVE-2020-26116)
  • Fix unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)

UPDATE COMMAND

yum update python*

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

Strategies for Managing End-of-Life Operating...

End-of-life software is just a fact of our fast-paced technology...

January 30, 2023

Think You Can’t Afford Consistent...

Look, everyone knows that it’s a tough act. Thousands of...

January 17, 2023

Common Government Cybersecurity Standards –...

The public sector, including state and federal agencies, are at...

January 16, 2023

Which Linux Distro is Best...

If your organization deploys IoT solutions, you know that development...

December 1, 2022

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022