What Are You Looking For?

Sign Up
Synopsis:          Moderate: python security update
Advisory ID:       SLSA-2018:2123-1
Issue Date:        2018-07-03
CVE Numbers:       CVE-2016-2183
--

Security Fix(es):

* A flaw was found in the way the DES/3DES cipher was used as part of the
TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to
recover some plaintext data by capturing large amounts of encrypted
traffic between TLS/SSL server and client if the communication used a
DES/3DES based ciphersuite. (CVE-2016-2183)

Note: This update modifies the Python ssl module to disable 3DES cipher
suites by default.
--

SL7
  x86_64
    python-2.7.5-69.el7_5.x86_64.rpm
    python-debuginfo-2.7.5-69.el7_5.i686.rpm
    python-debuginfo-2.7.5-69.el7_5.x86_64.rpm
    python-libs-2.7.5-69.el7_5.i686.rpm
    python-libs-2.7.5-69.el7_5.x86_64.rpm
    python-debug-2.7.5-69.el7_5.x86_64.rpm
    python-devel-2.7.5-69.el7_5.x86_64.rpm
    python-test-2.7.5-69.el7_5.x86_64.rpm
    python-tools-2.7.5-69.el7_5.x86_64.rpm
    tkinter-2.7.5-69.el7_5.x86_64.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2018-2123-1 Moderate: python on SL7.x x86_64

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol

Summary

Moderate: python security update



Security Fixes

* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
Note: This update modifies the Python ssl module to disable 3DES cipher suites by default.
SL7 x86_64 python-2.7.5-69.el7_5.x86_64.rpm python-debuginfo-2.7.5-69.el7_5.i686.rpm python-debuginfo-2.7.5-69.el7_5.x86_64.rpm python-libs-2.7.5-69.el7_5.i686.rpm python-libs-2.7.5-69.el7_5.x86_64.rpm python-debug-2.7.5-69.el7_5.x86_64.rpm python-devel-2.7.5-69.el7_5.x86_64.rpm python-test-2.7.5-69.el7_5.x86_64.rpm python-tools-2.7.5-69.el7_5.x86_64.rpm tkinter-2.7.5-69.el7_5.x86_64.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2018:2123-1
Issued Date: : 2018-07-03
CVE Numbers: CVE-2016-2183

Related News

Linus Torvalds on the State of Linux Today and How AI Figures in Its Future

Dec 6, 2023

The Rust Foundation to Develop Training and Certification Program

Dec 3, 2023

Severe Chromium Bug Threatens Sensitive Data, System Availability

Nov 13, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo