python-2.7.5-89.0.1.el7.AXS7
エラータID: AXSA:2020-863:49
Release date:
Thursday, November 5, 2020 - 10:38
Subject:
python-2.7.5-89.0.1.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
An update for python is now available for Asianux Server 7.
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)
Solution:
Update packages.
CVEs:
CVE-2019-16935
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.
Additional Info:
N/A
Download:
SRPMS
- python-2.7.5-89.0.1.el7.AXS7.src.rpm
MD5: 4abb0af9c493a7a4965970cf44f79c9c
SHA-256: 6c2287a1ecd27e4066259a1b007772ee2671ea39bc69edfee180d62d904edc4b
Size: 10.21 MB
Asianux Server 7 for x86_64
- python-2.7.5-89.0.1.el7.AXS7.x86_64.rpm
MD5: 4551d876a682dc5cbaea520fd99d21a4
SHA-256: 991c4fa1d342f088cb1cae41bafc73130f29b0510674fc829c353d6e91dddcdf
Size: 95.14 kB - python-devel-2.7.5-89.0.1.el7.AXS7.x86_64.rpm
MD5: 74ddffe21f34599d1b8d98b407fc79f6
SHA-256: 8c060fe0341e21591842e8bf95a9a3407aaf54ff52f1bf52ffe3c84678647cf3
Size: 397.77 kB - python-libs-2.7.5-89.0.1.el7.AXS7.x86_64.rpm
MD5: 63743b8ec4559cdab4da09f2546350d3
SHA-256: 98b7348987fd3f2d1d5675124ac95f801c757ce9129d978ed90d40225a69ba4b
Size: 5.64 MB - python-libs-2.7.5-89.0.1.el7.AXS7.i686.rpm
MD5: eb730e38d1bc4ce31846280c489c7611
SHA-256: eea515092c43f94af4bb996d071944e553fac319997609b80904bc85280b3611
Size: 5.60 MB
日本語