python3-3.6.8-56.el8_9.3.ML.1
エラータID: AXSA:2024-7427:02
リリース日:
2024/01/19 Friday - 00:37
題名:
python3-3.6.8-56.el8_9.3.ML.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Python の e-mail モジュールには、特殊文字が含まれる電子メール
アドレスを誤って解析してしまう問題があるため、リモートの攻撃者
により、通常送信が拒否される電子メールアドレスからのメッセージ
の送信を可能とする脆弱性が存在します。(CVE-2023-27043)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
追加情報:
N/A
ダウンロード:
SRPMS
- python3-3.6.8-56.el8_9.3.ML.1.src.rpm
MD5: a485b9d2d26d1058f4e265370ab5cc54
SHA-256: 896829549ea547f71b7d84257f1bf15ebd7984908f2ccc1277e92d6f7435b9d3
Size: 18.31 MB
Asianux Server 8 for x86_64
- platform-python-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: 7cc3516359f6825b6098b35d0bd63867
SHA-256: 3667e432bc1fde0cf1e0fca4eab5c7da4bcfaa8059d7ccb48b0d505b9515f06d
Size: 86.44 kB - platform-python-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 88996ab514fbc7a67284faa9c00910ec
SHA-256: 51fd58a14a5f99762b5edff103c35aa2b86280cc00c617b87fa9851082248cf7
Size: 86.51 kB - platform-python-debug-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: 76c209ac66bd6f2f1a924316cdf89e30
SHA-256: 988aa954e296ddc96427258ece4a587e1a20f059379fc856563248257874cb9b
Size: 2.72 MB - platform-python-debug-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 2ed5fb0e9bee029382511806261535c6
SHA-256: 25973a54e48a933aa0672e09c0e95a39d26e887ca6f52c8c7cd770182f6db5ac
Size: 2.68 MB - platform-python-devel-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: e7d924883c627296661c45f5e807f310
SHA-256: 3c7ae101527c5d3add473f87babd448484a6fdeadce56b0e4d459ec11ad04cdd
Size: 239.78 kB - platform-python-devel-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 646b32321b025cd7814bc86bd18f20a7
SHA-256: a3131bdbd573b5cadd5959c47368360471d7faa770c5ba00323e914c25399b86
Size: 240.04 kB - python3-idle-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: d87f95211827584cf3ef23e53fd67658
SHA-256: 04c8c6da8a1412fa8f8e77121d4e0d9f73609185eae0397f91e36c2c48072452
Size: 827.93 kB - python3-idle-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 65bda30638829da89a33e1c14f1ba304
SHA-256: b982e87d14e434024ac1087e010ebddebe3629aa8a47598d30879488ef679ecd
Size: 827.90 kB - python3-libs-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: 78d077e278b8579efa248e6e195c97a9
SHA-256: dfb3ef3b16a3170eb65f8ce29d611d58309382cfe4629a7980a3619ddbdc3677
Size: 7.90 MB - python3-libs-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: f4f8ec701b9b81c684e0237eeaecade0
SHA-256: cf83506e6654147ee81d25388e47f4e2579dedc3a6667d4db420c4bd9ae818b6
Size: 7.83 MB - python3-test-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: 7bc9e83280653d70a2aa23fdbc186f48
SHA-256: 7794301f3bae6b105eb23f498dc5d5d92fa9fb5d50af1b55fc0e8fee26d5a504
Size: 8.66 MB - python3-test-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 37f8d683a73cc494826103fa7217c1cd
SHA-256: a13245699d8a960ac842577294892f1587364c8fbad63bca1c28edd0437e5aa2
Size: 8.67 MB - python3-tkinter-3.6.8-56.el8_9.3.ML.1.i686.rpm
MD5: d03ce1c12cb34627809c172fd683e477
SHA-256: 4e0ab075726368afab32041a6821a2c4cb3855141f79d94bd06004e203f6a8f8
Size: 374.77 kB - python3-tkinter-3.6.8-56.el8_9.3.ML.1.x86_64.rpm
MD5: 524cdd732a07b10a4fd0348a2871507e
SHA-256: 50de0158b16b75fea7358ea37ef7684c67f0ae09f41ad20175ce9b10aee96fef
Size: 373.33 kB