Описание
ELSA-2023-6914: python3.11-pip security update (MODERATE)
[22.3.1-4]
- Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706) Resolves: RHBZ#2218249
[22.3.1-3]
- Fix changelog to contain Fedora contributors Resolves: RHEL-232
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
python3.11-pip
22.3.1-4.el8
python3.11-pip-wheel
22.3.1-4.el8
Oracle Linux x86_64
python3.11-pip
22.3.1-4.el8
python3.11-pip-wheel
22.3.1-4.el8
Связанные CVE
Связанные уязвимости
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractal ...