python3-3.6.8-21.0.1.el7.AXS7
エラータID: AXSA:2024-8626:04
リリース日:
2024/07/31 Wednesday - 18:22
題名:
python3-3.6.8-21.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- CPython の tempfile.TemporaryDirectory クラスには、
シンボリックリンクによって参照されるファイルの
アクセス権限の不正な変更を許容してしまう問題がある
ため、ローカルの攻撃者により、特権での実行が可能な
細工されたプログラムの実行を介して、情報の漏洩、
およびデータ破壊などを可能とする脆弱性が存在します。
(CVE-2023-6597)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2023-6597
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- python3-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: a3cd804bb83a95ed7441b71cc2737c92
SHA-256: e45a57b3f2120cfdcdcf91ce8cba0b6bd3debc48df8bd3c1e3a96f47967b032d
Size: 70.81 kB - python3-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: b602f2cda8b0c7a88e3a18586bc4d4d6
SHA-256: 5ab73404ea5bf94f8011864566e6d0cc62f63bbd540d393bb29c028ff9b8efca
Size: 70.75 kB - python3-debug-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: 739c6da6c1b151ee961709371787038f
SHA-256: f199582f83f5a9474b826235968b1eff71e97b95bacb8140f13fce4a5e89c0bc
Size: 2.42 MB - python3-debug-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: 15a3f677a4cc708420b39dcd3c37b758
SHA-256: 4998d39e102163c6b3e9b60bd3bbd93754c05c0753faf2d5f44fd13050ae2876
Size: 2.64 MB - python3-devel-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: af6b0bbe6d50e615cdddc848546723e0
SHA-256: 02ee6eab8c0d27c486a0c37cab77b0cb340e8a6120f2c3edf3ef234dc8ec857c
Size: 217.62 kB - python3-devel-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: 2e2514f0a6f0d1b32366437779049c5f
SHA-256: b5e2e094906fbf6b85e2627ec4b825db95c2544e11274f837ce7f0694e6e16ef
Size: 217.43 kB - python3-idle-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: 62bed57b3aa63c413f465e217f3e008f
SHA-256: 076e84ec6fa11071fda51ac01293befe9c4c0e10b63bbf917b32fe1c8063a1c3
Size: 779.98 kB - python3-idle-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: 59b1a7727f6517bd1ee28ba611ea084d
SHA-256: df05a7303ca7bd9fa9aca7ae894eceeba6fd527c643f33256315b3ea8a09b694
Size: 779.84 kB - python3-libs-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: b2f0abbda601512313cf183f2ba7ffff
SHA-256: 5dc251e4ab2a8db27ff9ecfcf223427230804d96736b53a71bceb770f7f8c530
Size: 6.85 MB - python3-libs-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: 4b8bb44720ec9c292840e4bf89c92e90
SHA-256: 7e57c20c6021e03fe2fbb9047ee87ca1684ea7c5b079bad6252d12a35ba6c701
Size: 6.95 MB - python3-test-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: 15718f82b41de312ce076d68cde4c8b0
SHA-256: 344cc1c4ea182d3bbcbcde12aa1936d40e853a4383c6eb6310d0fa29407dcdfb
Size: 7.26 MB - python3-test-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: d57fa2da1fcee37a348a6e59ebad8685
SHA-256: 57c737f41d0ca27c8c73951218e96c77259ec2802b6e43c08aa72771f302c036
Size: 7.26 MB - python3-tkinter-3.6.8-21.0.1.el7.AXS7.i686.rpm
MD5: 32f65ca38c103be71b6eb4fa332b46ef
SHA-256: 8a12f20d360e6a935e897e135ee758ae3f0b7335640879a58ed57c2d0b67c434
Size: 366.17 kB - python3-tkinter-3.6.8-21.0.1.el7.AXS7.x86_64.rpm
MD5: 5490f3b8d9c3c2a3aae1851f2c0825db
SHA-256: 8c4c5b4a8383a3332678db651762c3e5f9810b3144fb1820798d266e1f059385
Size: 366.11 kB
English