ELSA-2024-10983

Опубликовано: 12 дек. 2024

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-10983: python3.9:3.9.21 security update (MODERATE)

[3.9.21-1]

Update to 3.9.21
Security fix for CVE-2024-11168 and CVE-2024-9287 Resolves: RHEL-64888 Resolves: RHEL-67259

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

python-unversioned-command

3.9.21-1.el9_5

python3

3.9.21-1.el9_5

python3-debug

3.9.21-1.el9_5

python3-devel

3.9.21-1.el9_5

python3-idle

3.9.21-1.el9_5

python3-libs

3.9.21-1.el9_5

python3-test

3.9.21-1.el9_5

python3-tkinter

3.9.21-1.el9_5

Oracle Linux x86_64

python-unversioned-command

3.9.21-1.el9_5

python3

3.9.21-1.el9_5

python3-debug

3.9.21-1.el9_5

python3-devel

3.9.21-1.el9_5

python3-idle

3.9.21-1.el9_5

python3-libs

3.9.21-1.el9_5

python3-test

3.9.21-1.el9_5

python3-tkinter

3.9.21-1.el9_5

Связанные CVE

CVE-2024-9287

CVE-2024-11168

Ссылки на источники

Связанные уязвимости

SUSE-SU-2025:0049-1

suse-cvrf

5 месяцев назад

Security update for python310

SUSE-SU-2025:0047-1

suse-cvrf

5 месяцев назад

Security update for python39

RLSA-2024:10779

rocky

6 месяцев назад

Moderate: python3:3.6.8 security update

ELSA-2024-10779

oracle-oval

7 месяцев назад

ELSA-2024-10779: python3:3.6.8 security update (MODERATE)

CVE-2024-11168

CVSS3: 3.7

ubuntu

7 месяцев назад

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`), allowing hosts that weren't IPv6 or IPvFuture. This behavior was not conformant to RFC 3986 and potentially enabled SSRF if a URL is processed by more than one URL parser.