Hello community, here is the log from the commit of package patchinfo.2736 for openSUSE:12.3:Update checked in at 2014-05-02 14:25:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/patchinfo.2736 (Old) and /work/SRC/openSUSE:12.3:Update/.patchinfo.2736.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.2736" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo> <issue id="637176" tracker="bnc">Python doesn't have the PEP 370 compatible lib64 path</issue> <issue id="871152" tracker="bnc">VUL-0: CVE-2014-2667: python3: race in mkdir()</issue> <issue id="869222" tracker="bnc">VUL-0: CVE-2013-7338: python: denial of service (endless loop) via corrupted ZIP files</issue> <issue id="863741" tracker="bnc">VUL-0: CVE-2014-1912: python: buffer overflow in socket.recvfrom_into</issue> <issue id="CVE-2014-2667" tracker="cve" /> <issue id="CVE-2013-7338" tracker="cve" /> <issue id="CVE-2014-1912" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>matejcik</packager> <description>This python update fixes the following security and non-security issues: - bnc#869222: Fixed DoS when opening malicious archives (CVE-2013-7338). - bnc#863741: Fixed buffer overflow in socket.recvfrom_into (CVE-2014-1912). - bnc#871152: Fixed race condition with umask when creating directories with os.mkdirs (CVE-2014-2667). - bnc#637176: Fixed update multilib patch to handle home install scheme. </description> <summary>update for python3</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org