MGASA-2016-0230
Advisory lineage Upstream: 3 Downstream: 0
Published: 22 Jun 2016, 16:36
Last modified:16 Apr 2026, 06:24
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 Jun 2016, 16:36
Published
Vulnerability first disclosed
16 Apr 2026, 06:24
Last Modified
Vulnerability information updated
Description
Updated python packages fix security vulnerabilities Updated python and python3 packages fixes security vulnerability: - Heap overflow in zipimporter module (CVE-2016-5636). - HTTP header injection in urrlib2/urllib/httplib/http.client (CVE-2016-5699). - smtplib StartTLS stripping attack (CVE-2016-0772).
Affected Systems
- mageia•python
< 2.7.9-2.3.mga5
- mageia•python3
< 3.4.3-1.4.mga5
References (8)
- https://advisories.mageia.org/MGASA-2016-0230.html
- https://bugs.mageia.org/show_bug.cgi?id=18691
- http://openwall.com/lists/oss-security/2016/06/16/1
- http://openwall.com/lists/oss-security/2016/06/16/2
- http://openwall.com/lists/oss-security/2016/06/14/9
- https://bugs.python.org/issue26171
- https://bugs.python.org/issue5124
- https://bugs.python.org/issue22928