Описание
ELSA-2023-6659: python3.9 security update (MODERATE)
[3.9.18-1]
- Update to 3.9.18
- Security fix for CVE-2023-40217 Resolves: RHEL-3043
[3.9.17-2]
- Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz#263261
[3.9.17-1]
- Update to 3.9.17
- Security fix for CVE-2023-24329 Resolves: rhbz#2173917
[3.9.16-2]
- Add filters for tarfile extraction (CVE-2007-4559, PEP-706) Resolves: rhbz#263261
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
python-unversioned-command
3.9.18-1.el9_3
python3
3.9.18-1.el9_3
python3-debug
3.9.18-1.el9_3
python3-devel
3.9.18-1.el9_3
python3-idle
3.9.18-1.el9_3
python3-libs
3.9.18-1.el9_3
python3-test
3.9.18-1.el9_3
python3-tkinter
3.9.18-1.el9_3
Oracle Linux x86_64
python-unversioned-command
3.9.18-1.el9_3
python3
3.9.18-1.el9_3
python3-debug
3.9.18-1.el9_3
python3-devel
3.9.18-1.el9_3
python3-idle
3.9.18-1.el9_3
python3-libs
3.9.18-1.el9_3
python3-test
3.9.18-1.el9_3
python3-tkinter
3.9.18-1.el9_3
Связанные CVE
Связанные уязвимости
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractal ...