Scientific Linux Security Update : python on SL7.x x86_64
Medium Nessus Plugin ID 110920
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183)
Note: This update modifies the Python ssl module to disable 3DES cipher suites by default.
SolutionUpdate the affected packages.