ELSA-2021-4057

Published: 02 Nov 2021
Source: oracle-oval
Platform: Oracle Linux 8

Description

ELSA-2021-4057: python3 security update (MODERATE)

[3.6.8-39.0.1]

  • Add Oracle Linux distribution in platform.py [Orabug: 20812544]

[3.6.8-39]

  • Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz#1995234

Updated packages

Oracle Linux 8

Oracle Linux aarch64

  • platform-python: 3.6.8-39.0.1.el8_4
  • platform-python-debug: 3.6.8-39.0.1.el8_4
  • platform-python-devel: 3.6.8-39.0.1.el8_4
  • python3-idle: 3.6.8-39.0.1.el8_4
  • python3-libs: 3.6.8-39.0.1.el8_4
  • python3-test: 3.6.8-39.0.1.el8_4
  • python3-tkinter: 3.6.8-39.0.1.el8_4

Oracle Linux x86_64

  • platform-python: 3.6.8-39.0.1.el8_4
  • platform-python-debug: 3.6.8-39.0.1.el8_4
  • platform-python-devel: 3.6.8-39.0.1.el8_4
  • python3-idle: 3.6.8-39.0.1.el8_4
  • python3-libs: 3.6.8-39.0.1.el8_4
  • python3-test: 3.6.8-39.0.1.el8_4
  • python3-tkinter: 3.6.8-39.0.1.el8_4

Related CVEs

Related vulnerabilities

CVSS3: 6.5
ubuntu
more than 3 years ago

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.

CVSS3: 6.5
redhat
almost 4 years ago

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.

CVSS3: 6.5
nvd
more than 3 years ago

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.

CVSS3: 6.5
msrc
about 3 years ago

No description available

CVSS3: 6.5
debian
more than 3 years ago

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker ...