python-mako-1.0.6-14.el8
エラータID: AXSA:2023-5682:02
Release date:
Wednesday, May 31, 2023 - 06:08
Subject:
python-mako-1.0.6-14.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance.
Security Fix(es):
* mako: REDoS in Lexer class (CVE-2022-40023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-40023
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Solution:
Update packages.
CVEs:
CVE-2022-40023
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.
Additional Info:
N/A
Download:
SRPMS
- python-mako-1.0.6-14.el8.src.rpm
MD5: 42cffc37713f9f8cc45f956041551d54
SHA-256: ce84db9b171d3c96071848b416d142916003d8932fd1216bccb12c59506dc8cc
Size: 193.94 kB
Asianux Server 8 for x86_64
- python3-mako-1.0.6-14.el8.noarch.rpm
MD5: 094f7c33c7c256fd9605f7c4a42ab55b
SHA-256: ddb6828878b4b2555aa51b7aa439be217c894b78af63a634b8b9196b62b45e49
Size: 155.83 kB
日本語