Synopsis: Moderate: python security update
Advisory ID: SLSA-2018:2123-1
Issue Date: 2018-07-03
CVE Numbers: CVE-2016-2183
—
Security Fix(es):
* A flaw was found in the way the DES/3DES cipher was used as part of the
TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to
recover some plaintext data by capturing large amounts of encrypted
traffic between TLS/SSL server and client if the communication used a
DES/3DES based ciphersuite. (CVE-2016-2183)
Note: This update modifies the Python ssl module to disable 3DES cipher
suites by default.
—
SL7
x86_64
python-2.7.5-69.el7_5.x86_64.rpm
python-debuginfo-2.7.5-69.el7_5.i686.rpm
python-debuginfo-2.7.5-69.el7_5.x86_64.rpm
python-libs-2.7.5-69.el7_5.i686.rpm
python-libs-2.7.5-69.el7_5.x86_64.rpm
python-debug-2.7.5-69.el7_5.x86_64.rpm
python-devel-2.7.5-69.el7_5.x86_64.rpm
python-test-2.7.5-69.el7_5.x86_64.rpm
python-tools-2.7.5-69.el7_5.x86_64.rpm
tkinter-2.7.5-69.el7_5.x86_64.rpm
– Scientific Linux Development Team
