python3.11-3.11.7-1.el9.ML.1
エラータID: AXSA:2024-7974:03
リリース日:
2024/05/30 Thursday - 15:48
題名:
python3.11-3.11.7-1.el9.ML.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Python の e-mail モジュールには、特殊文字が含まれる
電子メールアドレスを誤って解析してしまう問題があるため、
リモートの攻撃者により、通常送信が拒否される電子メール
アドレスからのメッセージの送信を可能とする脆弱性が存在
します。(CVE-2023-27043)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-27043
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
追加情報:
N/A
ダウンロード:
SRPMS
- python3.11-3.11.7-1.el9.ML.1.src.rpm
MD5: 86c7d612575cacab8841836eabe2dd3c
SHA-256: 458e47550794bbc3468b4905dbf77845ef02b03788cf538a4ec9b4034c9c5c57
Size: 19.21 MB
Asianux Server 9 for x86_64
- python3.11-3.11.7-1.el9.ML.1.i686.rpm
MD5: e569523e892c7ff433d170450c349cc5
SHA-256: 7bbb9efa19fb2a53644b547054f471e3b0c9a924bb58332902a5ab9ad9d33251
Size: 26.14 kB - python3.11-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: 3f17885cb9a0ec3a96d2792647b15204
SHA-256: dfa797adc1aa3eee08ab1d583baeb75610e2bd18010df0c8847c69f6929ca437
Size: 26.04 kB - python3.11-debug-3.11.7-1.el9.ML.1.i686.rpm
MD5: 8d274ce425a45f44b2a9940d220a8862
SHA-256: 6e896be3976f21172854c37ae2288d79b01fc5b3b850f89cc41791518ba6290e
Size: 3.18 MB - python3.11-debug-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: 26f970d909ab440db9e2bee4c93d80ee
SHA-256: 15ee297196a0553a86b2a911d58dd22b95ed97f7476bcc923d5e7a60089d68d3
Size: 3.34 MB - python3.11-devel-3.11.7-1.el9.ML.1.i686.rpm
MD5: c84d1fe8782b3ae65f7c6648cb59a35a
SHA-256: 702ee98e9b743f176fc90692a2d9e3959bb5904df239f89334cb75507b4ebf13
Size: 232.82 kB - python3.11-devel-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: 3cc4efa56ac57b90e66e550d82b9fabc
SHA-256: e88fdc5cdc91856550365a404a3aa19fb64bdc5a1f569654d17f006068f3fbc8
Size: 232.85 kB - python3.11-idle-3.11.7-1.el9.ML.1.i686.rpm
MD5: 25b3808c893582670fe37953172e3170
SHA-256: a6f728b8b0e01fc4551433fa84beec6e74397a891c9a4b4649621d08efba6731
Size: 0.97 MB - python3.11-idle-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: b28bf98c15b0e2ffde8d456bdb7242e1
SHA-256: 03a6c86d3c90659a8eb7f9e651752b392801b21829b689bd88f31d629ecdd324
Size: 0.97 MB - python3.11-libs-3.11.7-1.el9.ML.1.i686.rpm
MD5: f204a3e69b5165c4bc518dea67a8c2dc
SHA-256: 183b33924f1270ee892490cb277861d24acf5284da2f6f5d0c7d78f0a1afbf92
Size: 9.40 MB - python3.11-libs-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: 08920bb47c80a2b41defe1dc90f0f10f
SHA-256: 65dce0c6bfce27b0bd8cb05d02706ef5b0e32937543386ec99415c1040e5d894
Size: 9.34 MB - python3.11-test-3.11.7-1.el9.ML.1.i686.rpm
MD5: 99a9cb8625fcd890c64440f644e1c97f
SHA-256: fd6dfe8396ce51a65568af2b44944f6dc974e62288b23a4ca781ada54a0279ad
Size: 14.12 MB - python3.11-test-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: defaa9dd63a7f79edc0b50e2c9e68908
SHA-256: 7284910050ab53c7bf6f7a72192630006d7e322c1466a14871d900f32847313a
Size: 14.12 MB - python3.11-tkinter-3.11.7-1.el9.ML.1.i686.rpm
MD5: 147fd64a0a611a282cef3ea01c000c86
SHA-256: 66ec3cc7958ed718bc600f255958fd8c8a7fc653cadc51db107cc1b3d105185e
Size: 394.29 kB - python3.11-tkinter-3.11.7-1.el9.ML.1.x86_64.rpm
MD5: 9f87d8ff4d757d018da9266de59b3554
SHA-256: c12fc31fbd88d8cf979018bfa5496ee174a94d881b275c91e38504150e26ebab
Size: 392.84 kB