CloudLinux OS 6 ELS: python package has been scheduled for gradual rollout

Extended-CL

A new updated python package within CloudLinux OS 6 ELS has been scheduled for gradual rollout from our production repository.

Rollout slot: 6
Rolled out to: 0.1%
ETA for 100% rollout: October 7

Changelog

python-2.6.6-70.el6.cloudlinux.els

Fix prefix dot in domain for proper subdomain validation (CVE-2018-20852)
Fix allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client (CVE-2020-8492)
Fix http.client allows CRLF injection if the attacker controls the HTTP request method (CVE-2020-26116)
Fix unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)

yum update python*

yum update python* --enablerepo=cloudlinux-rollout-6-bypass

Sep 23, 2021 3:52:06 PM

Extended-CL

A new updated python package within CloudLinux OS 6 ELS has been scheduled for gradual rollout from our production repository.

Rollout slot: 6
Rolled out to: 0.1%
ETA for 100% rollout: October 7

python-2.6.6-70.el6.cloudlinux.els

Fix prefix dot in domain for proper subdomain validation (CVE-2018-20852)
Fix allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client (CVE-2020-8492)
Fix http.client allows CRLF injection if the attacker controls the HTTP request method (CVE-2020-26116)
Fix unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)

yum update python*

yum update python* --enablerepo=cloudlinux-rollout-6-bypass