Описание
ELSA-2024-4077: python3.11 security update (IMPORTANT)
[3.11.7-1.1]
- Security fix for CVE-2023-6597
- Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33884
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
python3.11
3.11.7-1.el9_4.1
python3.11-debug
3.11.7-1.el9_4.1
python3.11-devel
3.11.7-1.el9_4.1
python3.11-idle
3.11.7-1.el9_4.1
python3.11-libs
3.11.7-1.el9_4.1
python3.11-test
3.11.7-1.el9_4.1
python3.11-tkinter
3.11.7-1.el9_4.1
Oracle Linux x86_64
python3.11
3.11.7-1.el9_4.1
python3.11-debug
3.11.7-1.el9_4.1
python3.11-devel
3.11.7-1.el9_4.1
python3.11-idle
3.11.7-1.el9_4.1
python3.11-libs
3.11.7-1.el9_4.1
python3.11-test
3.11.7-1.el9_4.1
python3.11-tkinter
3.11.7-1.el9_4.1
Связанные CVE
Связанные уязвимости
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
An issue was found in the CPython `tempfile.TemporaryDirectory` class ...