Описание
ELSA-2020-5009: python security update (MODERATE)
[2.7.5-90.0.1]
- Add Oracle Linux distribution in platform.py [orabug 20812544]
[2.7.5-90]
- Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907) Resolves: rhbz#1856481
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
python
2.7.5-90.0.1.el7
python-debug
2.7.5-90.0.1.el7
python-devel
2.7.5-90.0.1.el7
python-libs
2.7.5-90.0.1.el7
python-test
2.7.5-90.0.1.el7
python-tools
2.7.5-90.0.1.el7
tkinter
2.7.5-90.0.1.el7
Oracle Linux x86_64
python
2.7.5-90.0.1.el7
python-debug
2.7.5-90.0.1.el7
python-devel
2.7.5-90.0.1.el7
python-libs
2.7.5-90.0.1.el7
python-test
2.7.5-90.0.1.el7
python-tools
2.7.5-90.0.1.el7
tkinter
2.7.5-90.0.1.el7
Связанные CVE
Связанные уязвимости
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...