- Vulnerability/
- RHSA-2018:2123
RHSA-2018:2123: Moderate: python security update
First published: Tue Jul 03 2018(Updated: )
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.<br>Security Fix(es):<br><li> A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)</li> Note: This update modifies the Python ssl module to disable 3DES cipher suites by default.<br>Red Hat would like to thank OpenVPN for reporting this issue. Upstream acknowledges Karthikeyan Bhargavan (Inria) and Gaëtan Leurent (Inria) as the original reporters.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/python | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debug | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debuginfo | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debuginfo | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-devel | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-libs | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-libs | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-test | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-tools | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/tkinter | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debug | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-devel | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-test | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-tools | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/tkinter | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debug | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-debuginfo | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-devel | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-libs | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-test | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python-tools | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/tkinter | <2.7.5-69.el7_5 | 2.7.5-69.el7_5 |
| redhat/python | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-debug | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-debuginfo | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-devel | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-libs | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-test | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/python-tools | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
| redhat/tkinter | <2.7.5-69.el7_5.aa | 2.7.5-69.el7_5.aa |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/severity
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/title
- agent/references
- agent/remedy
- agent/tags
- agent/description
- agent/event
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2018:2123
- agent/software-canonical-lookup
- package-manager/redhat