drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in sqlparse
Name: |
Denial of Service in sqlparse |
|
ID: |
USN-5085-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 21.04 |
|
Datum: |
Mi, 22. September 2021, 23:04 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32839 |
|
Applikationen: |
sqlparse |
|
Originalnachricht |
--===============6174969502825002924== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline
--7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-5085-1 September 22, 2021
sqlparse vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
Summary:
SQL parse could be made to denial of service if it received a specially crafted regular expression.
Software Description: - sqlparse: documentation for non-validating SQL parser in Python
Details:
It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04: python3-sqlparse 0.4.1-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5085-1 CVE-2021-32839
Package Information: https://launchpad.net/ubuntu/+source/sqlparse/0.4.1-1ubuntu0.1
--7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmFLSQUACgkQRbznW4QL H2kN0g//S+9Ft+jVDKd7ld66t5fJR3VE/okhVKZpq511vfQfqhGTfuAixtTftCft NgiPnKF47R5OCPdJOEKdm7WMEgBv/QEZ1R4SEub6iqL7QsT7nlXgnt2Os8f4nwYE BDM3pWtoqixuskChL/Nqw0R1dqwLArpQbp3zYidakBRMk8NE7brIhPRzM8Av/X4c nP8f8Fbm05F0FWRdiKtECg7awC2M+kQdWzUuISck6Uf3h+tj8KDZrhfFRbtwLw+G J3QLRSLSrL5p49UTrmavAtbydY8yTCN6yWYcJAZYSeKSAv9tH1cCpUytAMcz8YrY 76ISwH9WfqJPDMjf5Bj3Q+8pJHbeMglbk/W4flDkERogv8RDDNtN+C0L3xYR8Rzo uytMcb9n4ywxpdqV9/Wag2k6cbAuIDdm0KkXdvZHgJzYq5w59QEkCze9YNioVFwq jj6ytTOXg6RrgdCTCxPBeqv+t8NT+fGr6YZOlo1+TCRrK2DrLx5MvbEuIjYt2Kxn 8XqICl82Y1zGN5KEfFSdkHru0IgDNBM+NRVJsT+XV/0XrmbW/Vv3uWXoh4oWTpFP BEaD24ZxaAXskX3TSMI+DiLUM7MAXZHbxZ2QtTteFPjUielkWQ/X9yxPtLkS4XrT N7YouoK0n8OHCbKpFgQGUpgWwFqz/y6O9a6uAtiVzDB9iC7QXB8= =1dXE -----END PGP SIGNATURE-----
--7JfCtLOvnd9MIVvH--
--===============6174969502825002924== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|