Fedora 20 Security Update: python-oauth2-1.5.211-8.fc20

Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.

Leave a Reply