SUSE-SU-2021:4161-1

Опубликовано: 22 дек. 2021

Источник: suse-cvrf

Описание

Security update for python-Babel

This update for python-Babel fixes the following issues:

CVE-2021-42771: Fixed relative path traversal that may lead to arbitrary locale files loading and arbitrary code execution (bsc#1185768).

Список пакетов

SUSE Linux Enterprise Module for Public Cloud 12

python-Babel-2.5.3-4.8.1

python3-Babel-2.5.3-4.8.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20214161-1/
Link for SUSE-SU-2021:4161-1
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009933.html
E-Mail link for SUSE-SU-2021:4161-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1185768
SUSE Bug 1185768
https://www.suse.com/security/cve/CVE-2021-42771/
SUSE CVE CVE-2021-42771 page

Описание

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Затронутые продукты

SUSE Linux Enterprise Module for Public Cloud 12:python-Babel-2.5.3-4.8.1

SUSE Linux Enterprise Module for Public Cloud 12:python3-Babel-2.5.3-4.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-42771.html
CVE-2021-42771
https://bugzilla.suse.com/1185768
SUSE Bug 1185768

SUSE-SU-2021:4161-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Public Cloud 12

Ссылки

Уязвимость: CVE-2021-42771

Описание

Затронутые продукты

Ссылки