drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in python36
Name: |
Zwei Probleme in python36 |
|
ID: |
FEDORA-2020-1ddd5273d6 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 32 |
|
Datum: |
Do, 6. August 2020, 07:29 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907 |
|
Applikationen: |
Python |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2020-1ddd5273d6 2020-08-06 04:02:19.816332 ------------------------------------------------------------------------------- -
Name : python36 Product : Fedora 32 Version : 3.6.11 Release : 3.fc32 URL : https://www.python.org/ Summary : Version 3.6 of the Python interpreter Description : Python 3.6 package for developers.
This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases.
------------------------------------------------------------------------------- - Update Information:
Security fix for CVE-2019-20907, CVE-2020-14422. ------------------------------------------------------------------------------- - ChangeLog:
* Fri Jul 31 2020 Charalampos Stratakis <cstratak@redhat.com> - 3.6.11-3 - Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907) Resolves: rhbz#1856481 - Resolve hash collisions for Pv4Interface and IPv6Interface (CVE-2020-14422) Resolves: rhbz#1854926 * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1854926 - CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface classes https://bugzilla.redhat.com/show_bug.cgi?id=1854926 [ 2 ] Bug #1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via crafted TAR archive https://bugzilla.redhat.com/show_bug.cgi?id=1856481 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1ddd5273d6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|