{"id":"MGASA-2019-0084","summary":"Updated python packages fix security vulnerability","details":"An exploitable denial-of-service vulnerability exists in the X509\ncertificate parser of Python.org Python 2.7.11 / 3.7.2. A specially crafted\nX509 certificate can cause a NULL pointer dereference, resulting in a denial\nof service. An attacker can initiate or accept TLS connections using crafted\ncertificates to trigger this vulnerability (CVE-2019-5010).\n","modified":"2026-02-02T00:44:33.662165Z","published":"2019-02-14T08:38:16Z","related":["CVE-2019-5010"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0084.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24340"},{"type":"REPORT","url":"http://lists.suse.com/pipermail/sle-security-updates/2019-February/005089.html"}],"affected":[{"package":{"name":"python","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/python?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.15-1.2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0084.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}