CentOS Update for python-paste-script CESA-2012:1206 centos6

Solution
Please Install the Updated Packages.
Insight
Python Paste provides middleware for building and running Python web applications. The python-paste-script package includes paster, a tool for working with and running Python Paste applications. It was discovered that paster did not drop supplementary group privileges when started by the root user. Running &quot paster serve&quot as root to start a Python web application that will run as a non-root user and group resulted in that application running with root group privileges. This could possibly allow a remote attacker to gain access to files that should not be accessible to the application. (CVE-2012-0878) All paster users should upgrade to this updated package, which contains a backported patch to resolve this issue. All running paster instances configured to drop privileges must be restarted for this update to take effect.
Affected
python-paste-script on CentOS 6
References