drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in python2.7
Name: |
Mehrere Probleme in python2.7 |
|
ID: |
DSA-4306-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian stretch |
|
Datum: |
Do, 27. September 2018, 23:36 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802 |
|
Applikationen: |
Python |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4306-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : python2.7 CVE ID : CVE-2018-1060 CVE-2018-1061 CVE-2018-14647 CVE-2018-1000802
Multiple security issues were discovered in Python: ElementTree failed to initialise Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability.
For the stable distribution (stretch), these problems have been fixed in version 2.7.13-2+deb9u3.
We recommend that you upgrade your python2.7 packages.
For the detailed security status of python2.7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python2.7
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlutRbcACgkQEMKTtsN8 Tjardg/9Fyn44Rb2l6FTrgQ3MVctqyyVxtQ/+vuSzS8hC3qqqYEDUHOExFwEaz1w GfgweTVlQMkhdeyj3UZ8M7A9DwQPJDg2m2sQKZ1Tl4YKYUl6Q2BiQyMIUUjDCZ+w Pj156sta68rOrU+WQ20PK+lewrc8nhK3WbXD60hgGabqzq5ioPg8WcmLjn/2FqXb uv7g4xYMSGdN8f55AYVMeRNMU98C5nUPLHtKBecoRiLIZbFcmcLmT67DfgvaUYyc h4RF4U7enqqf0eHQCV+0H+GbmqSAAInww7NJxXJR/8fLlDT64zxheawXv9duzuPD L4UNvhr4/AfqKFA9WQjpmB1JVoOGxlttDczBlV6ZspR09ZYhiVJQvdrsEvwaqSBg wsGYRynpiqmb0S0QzYNBLNRGnygP9rf/p1XoGUetLgL6acagc54Qqm+wWKZDL1J5 rQ50EsBGsxNMrJfmVA661Sc+30qE1TnEOH9cGL6oW8HdxeEhA9C6ul+iPQpdgOG6 hqTUmodas0Tt/Q3zoPMl8n2NsIDTP3MiCPzZ4SAmpx/RWi4F62CPTbxGs2z9cKgA xHjiOYNqo2m3y2OtcayY05lzY6cdlwzYCq1FvhjNhAhqvHmOxLzE6SLMIzXVRi1E AtBKq3+8p87yRFnbxf+AnpUavgpXdr+z0TLPBKn2//Cvg0HgV4g= =WtMi -----END PGP SIGNATURE-----
|
|
|
|