-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-6b02154aa0 2019-03-29 02:58:04.250160 --------------------------------------------------------------------------------
Name : python34 Product : Fedora 29 Version : 3.4.10 Release : 1.fc29 URL : http://www.python.org/ Summary : Version 3.4 of the Python programming language Description : Python 3.4 package for developers.
This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software Collections.
-------------------------------------------------------------------------------- Update Information:
Last upstream Python 3.4 security release, 3.4.10. Security fix for CVE-2019-9636, CVE-2019-5010, CVE-2018-20406. -------------------------------------------------------------------------------- ChangeLog:
* Tue Mar 19 2019 Miro Hron��ok mhroncok@redhat.com - 3.4.10-1 - Update to 3.4.10 * Tue Mar 5 2019 Miro Hron��ok mhroncok@redhat.com - 3.4.10~rc1-1 - Update to 3.4.10rc1 * Sun Feb 17 2019 Igor Gnatenko ignatenkobrain@fedoraproject.org - 3.4.9-8 - Rebuild for readline 8.0 * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 3.4.9-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 14 2019 Bj��rn Esser besser82@fedoraproject.org - 3.4.9-6 - Rebuilt for libcrypt.so.2 (#1666033) * Fri Jan 11 2019 Bj��rn Esser besser82@fedoraproject.org - 3.4.9-5 - Add missing semicolon in patch 00290 * Mon Sep 24 2018 Miro Hron��ok mhroncok@redhat.com - 3.4.9-4 - Security fix for CVE-2018-14647 (#1631822) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1688543 - CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization https://bugzilla.redhat.com/show_bug.cgi?id=1688543 [ 2 ] Bug #1666519 - CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate https://bugzilla.redhat.com/show_bug.cgi?id=1666519 [ 3 ] Bug #1664509 - CVE-2018-20406 python: Integer overflow in Modules/_pickle.c allows for memory exhaustion if serializing gigabytes of data https://bugzilla.redhat.com/show_bug.cgi?id=1664509 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-6b02154aa0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------