python3-3.6.8-56.el8.ML.1
エラータID: AXSA:2023-7212:08
リリース日:
2023/12/25 Monday - 00:49
題名:
python3-3.6.8-56.el8.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Python の tarfile モジュールの tarfile.extract() 関数および
tarfile.extractall() 関数には、ディレクトリトラバーサル攻撃
を許容してしまう問題があるため、ローカルの攻撃者により、
細工された TAR 形式のアーカイブの展開処理を介して、
任意のファイルの上書きによる破壊を可能とする脆弱性が
存在します。(CVE-2007-4559)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
追加情報:
N/A
ダウンロード:
SRPMS
- python3-3.6.8-56.el8.ML.1.src.rpm
MD5: 49fbed8b3d4b7485972281612457e3cd
SHA-256: d47f8982298871e4a1c922769ee2f07a92fe5e38c87b4aa56f8bb9cf2833dc67
Size: 18.29 MB
Asianux Server 8 for x86_64
- platform-python-3.6.8-56.el8.ML.1.i686.rpm
MD5: e08ee8adce576b8b9105a7d23aa338c3
SHA-256: f54f607d6ae245abcd678133f918bfdc3002afdb93c13053b538380f5a213f3b
Size: 85.90 kB - platform-python-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: b16780fb3dfe77de096ee4686b29688b
SHA-256: 61c80feaaa3ae7f1df9735ea0f7c242dd084d5d37e0bde52ecd476a16aa94b08
Size: 85.96 kB - platform-python-debug-3.6.8-56.el8.ML.1.i686.rpm
MD5: 4bd0b2d7b79b2eccb25388b631de3799
SHA-256: 6d267a15ba6e55e5ce7f611e32b49443dc4644720e925905465c222d74b5c6fe
Size: 2.72 MB - platform-python-debug-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: d2dbd57b562749731380e26d6959ebc1
SHA-256: cad0b87ac3886b50b8b11941b34e399bc658044b0f13c02ab2242c6152548178
Size: 2.68 MB - platform-python-devel-3.6.8-56.el8.ML.1.i686.rpm
MD5: b530517e0de728cb56d7ec538580af00
SHA-256: 706164894fcd6e2f450ca22089a575ad258cf5731df56446879b7c64b3f44232
Size: 239.21 kB - platform-python-devel-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: cd1c478404bfe7430b6ae85ff9d9b2fa
SHA-256: 47a7de35c6e115f1d77b730860c796f720c0bfcdc104f9059f6eb672b10addbb
Size: 239.46 kB - python3-idle-3.6.8-56.el8.ML.1.i686.rpm
MD5: 1fd9632a16298899302c320737831730
SHA-256: 52241ffb9b16dee70f8a40ba5ff97383437fed1369bd8f6ab41490cb1b6de7ca
Size: 827.38 kB - python3-idle-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: e16a11bad0512f6c3c1f6d44601998db
SHA-256: 6bbea2faf040a64300fe6fb84991e985afd0edc46f6cc2542cfb328f7a8894d0
Size: 827.31 kB - python3-libs-3.6.8-56.el8.ML.1.i686.rpm
MD5: 965531e25a5bf5937466484fff6c69b0
SHA-256: f5f42fc4a6612a78c5594a1b6e8015b39de2c9947b6eae110a7d2a1592ec515e
Size: 7.90 MB - python3-libs-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: 7d5d448ebd93904997b0b03aa424b86d
SHA-256: b11bc1ebf7426a4653fc597d15cf37a071543627e69e7a1b4adae91ae7001386
Size: 7.82 MB - python3-test-3.6.8-56.el8.ML.1.i686.rpm
MD5: f476724d68caa82855b38b9c87dab98e
SHA-256: 4aed6f793c00065d60c5577358fd1c7ea48e5d3c64c5980ff6c426f01de410ea
Size: 8.68 MB - python3-test-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: b7718f3e40d4c58019b791582f1a1bf6
SHA-256: fc8ed8c27eabc295009c6b62ed72626b5c73b3e29484c7333b6eb15cab29cd5b
Size: 8.67 MB - python3-tkinter-3.6.8-56.el8.ML.1.i686.rpm
MD5: 6aac71575fa16a6b51d1a75fc467afd3
SHA-256: d5b3c6507e189fa95d3bc71b50c334207228112684f8fd6d0bc2cc8358c02da9
Size: 374.22 kB - python3-tkinter-3.6.8-56.el8.ML.1.x86_64.rpm
MD5: 67eda668be444f7fa76b8cef62e1dce6
SHA-256: d9a794481b57f811bd1b822c19bf5f679fec55cec9a27ae232acb8bd0e431990
Size: 372.67 kB
English