python3.9-3.9.19-8.el9

エラータID: AXSA:2024-9269:08

リリース日: 
2024/12/12 Thursday - 18:42
題名: 
python3.9-3.9.19-8.el9
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- CPython の zipfile モジュールの zipfile.ZipFile 内の
各メソッドには、アーカイブ内のエントリの反復処理
において無限ループの発生に至る問題があるため、
リモートの攻撃者により、細工された ZIP 形式の
アーカイブファイルの読み取りを介して、サービス
拒否攻撃を可能とする脆弱性が存在します。
(CVE-2024-8088)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2024-8088
There is a HIGH severity vulnerability affecting the CPython "zipfile" module affecting "zipfile.Path". Note that the more common API "zipfile.ZipFile" class is unaffected. When iterating over names of entries in a zip archive (for example, methods of "zipfile.Path" like "namelist()", "iterdir()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. python3.9-3.9.19-8.el9.src.rpm
    MD5: cbeaeed65787a69a2c151a0ee622b023
    SHA-256: c306e4e486bbc3254dbc316f2d0f04c15ed2b393837a73569570266a9f28e762
    Size: 19.38 MB

Asianux Server 9 for x86_64
  1. python3-3.9.19-8.el9.i686.rpm
    MD5: 828ff372277be469b4cadd2f2455f5bc
    SHA-256: ad0534327901c6f33715a9ac32dec9046fd64bb326465dc79544a59534bb0d87
    Size: 25.70 kB
  2. python3-3.9.19-8.el9.x86_64.rpm
    MD5: 44228c0cfc63897772c883c9a149280d
    SHA-256: 5820e3dd6fe98d9a1e1c42a01f4118c40d4d9cdf5635901751b55955aabb3635
    Size: 25.63 kB
  3. python3-debug-3.9.19-8.el9.i686.rpm
    MD5: 0f00af5f99ab3924dc46ae645331b4bb
    SHA-256: feb36dc7300600bec6615f89d8d1adf750b77606f21be9a7ebf11851b2590e5e
    Size: 2.88 MB
  4. python3-debug-3.9.19-8.el9.x86_64.rpm
    MD5: ac974b464e5d3bcc4c4f550089992326
    SHA-256: fc17e0db9fad2bcccf653ecdfba58c277c16b516d5ecc4d213e5acf00c356286
    Size: 3.04 MB
  5. python3-devel-3.9.19-8.el9.i686.rpm
    MD5: 7e05cf1fec9c03da146407e0856e045a
    SHA-256: 037ff61e056771cdc626cbdc9856dfb2107026e6dbf753f9d77665a4d2b8fa67
    Size: 244.90 kB
  6. python3-devel-3.9.19-8.el9.x86_64.rpm
    MD5: bbcdedeacc94094a454b72772cf51307
    SHA-256: 5db03cb4ebbd9d40b35da23268f918c60f1afe94a78089bff2518d9d240b3f31
    Size: 244.82 kB
  7. python3-idle-3.9.19-8.el9.i686.rpm
    MD5: fe4fb8ee6a7d81fa2bf2f8d4ca4dd4d3
    SHA-256: 85c0e4825c2844f9e9f37dba056f6d293b088e42b9d536aa1bb92daa36b54d36
    Size: 888.66 kB
  8. python3-idle-3.9.19-8.el9.x86_64.rpm
    MD5: 813c9022e19fb30b8554f3ffb9c793c6
    SHA-256: 901fd6b7a552a09c8dc030a7cd020b3f993ec5f5f207b085d76f69d943015d30
    Size: 888.73 kB
  9. python3-libs-3.9.19-8.el9.i686.rpm
    MD5: cf3e6d8c9dc7da736a175349f1ea0079
    SHA-256: bd5a7854800bab26956acbd8008d88a8d14b5d167b5f97f68e3edaa9c755cf69
    Size: 8.10 MB
  10. python3-libs-3.9.19-8.el9.x86_64.rpm
    MD5: f1c03704d83b5c7c7c048e281e3a4889
    SHA-256: 190b0639f4afabf3bc1860ad1f5936e29f3905ff7238e330ad2a9ae34ac6a569
    Size: 8.05 MB
  11. python3-test-3.9.19-8.el9.i686.rpm
    MD5: 9c6925990694e75cca9cf0ef54ef5b8c
    SHA-256: afb7c2ea630b6fde52c86eaec635666c4abaa9f448003a4230c71399dc9e4481
    Size: 10.18 MB
  12. python3-test-3.9.19-8.el9.x86_64.rpm
    MD5: 5581913da128db97b261bee901c4ac5d
    SHA-256: 975ead2ecc16bfad00b7374c44bfca0dbbcdc2f327aa5dbf41392001091fb1a9
    Size: 10.17 MB
  13. python3-tkinter-3.9.19-8.el9.i686.rpm
    MD5: cc809233e199f28f998a7f854aeb18d3
    SHA-256: 88141ee5b8f1efaf68e47f470881544986a69fd1261ae882369437ebe35181d3
    Size: 343.41 kB
  14. python3-tkinter-3.9.19-8.el9.x86_64.rpm
    MD5: 6368ce6001d3a9b6bb1cc1a19aaf2bef
    SHA-256: 5a09d201c1000dce3c21c7008b28beb2cc4fde6303a773d202c4c632c93e3e32
    Size: 341.81 kB
  15. python-unversioned-command-3.9.19-8.el9.noarch.rpm
    MD5: 79b860329cc94e8ebd54c43a3ce70521
    SHA-256: af3ded8ef2ae40735fb33bf1ffe6f19cc613838de5c1626ec6a7095722b09bf3
    Size: 8.83 kB