openSUSE-SU-2024:0222-1

Опубликовано: 26 июл. 2024

Источник: suse-cvrf

Описание

Security update for python-nltk

This update for python-nltk fixes the following issues:

CVE-2024-39705: Fixed remote code execution through unsafe pickle usage (boo#1227174).

Список пакетов

SUSE Package Hub 15 SP5

python3-nltk-3.7-bp155.3.3.1

openSUSE Leap 15.5

python3-nltk-3.7-bp155.3.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34GPGJ5MWORJ4EISDV3CLYKNIHC3Z7CC/
E-Mail link for openSUSE-SU-2024:0222-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227174
SUSE Bug 1227174
https://www.suse.com/security/cve/CVE-2024-39705/
SUSE CVE CVE-2024-39705 page

Описание

NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download functionality is used. This affects, for example, averaged_perceptron_tagger and punkt.

Затронутые продукты

SUSE Package Hub 15 SP5:python3-nltk-3.7-bp155.3.3.1

openSUSE Leap 15.5:python3-nltk-3.7-bp155.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-39705.html
CVE-2024-39705
https://bugzilla.suse.com/1227174
SUSE Bug 1227174

openSUSE-SU-2024:0222-1

Описание

Список пакетов

SUSE Package Hub 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2024-39705

Описание

Затронутые продукты

Ссылки