Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2023-7024

Опубликовано: 17 нояб. 2023
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2023-7024: python3.11 security update (MODERATE)

[3.11.5-1]

  • Rebase to 3.11.5
  • Security fixes for CVE-2023-40217 and CVE-2023-41105 Resolves: RHEL-3047, RHEL-3267

[3.11.4-4]

  • Add the import_all_modules_py3_11.py file for the python3.11-rpm-macros subpackage Resolves: rhbz#2207631

[3.11.4-3]

  • Fix symlink handling in the fix for CVE-2023-24329 Resolves: rhbz#263261

[3.11.4-2]

  • Security fix for CVE-2007-4559 Resolves: rhbz#263261

[3.11.4-1]

  • Update to 3.11.4
  • Security fix for CVE-2023-24329 Resolves: rhbz#2173917

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

python3.11

3.11.5-1.el8_9

python3.11-debug

3.11.5-1.el8_9

python3.11-devel

3.11.5-1.el8_9

python3.11-idle

3.11.5-1.el8_9

python3.11-libs

3.11.5-1.el8_9

python3.11-rpm-macros

3.11.5-1.el8_9

python3.11-test

3.11.5-1.el8_9

python3.11-tkinter

3.11.5-1.el8_9

Oracle Linux x86_64

python3.11

3.11.5-1.el8_9

python3.11-debug

3.11.5-1.el8_9

python3.11-devel

3.11.5-1.el8_9

python3.11-idle

3.11.5-1.el8_9

python3.11-libs

3.11.5-1.el8_9

python3.11-rpm-macros

3.11.5-1.el8_9

python3.11-test

3.11.5-1.el8_9

python3.11-tkinter

3.11.5-1.el8_9

Связанные CVE

CVE-2007-4559
CVE-2023-41105

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2023-6494

oracle-oval
больше 1 года назад

ELSA-2023-6494: python3.11 security update (MODERATE)

ubuntu логотип

CVE-2023-41105

CVSS3: 7.5
ubuntu
почти 2 года назад

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.

redhat логотип

CVE-2023-41105

CVSS3: 7.5
redhat
почти 2 года назад

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.

nvd логотип

CVE-2023-41105

CVSS3: 7.5
nvd
почти 2 года назад

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.

debian логотип

CVE-2023-41105

CVSS3: 7.5
debian
почти 2 года назад

An issue was discovered in Python 3.11 through 3.11.4. If a path conta ...