python3.12-3.12.5-2.el9_5.3
エラータID: AXSA:2025-9842:01
リリース日:
2025/04/09 Wednesday - 19:17
題名:
python3.12-3.12.5-2.el9_5.3
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- CPython の http.cookies 標準ライブラリの Cookie データのパーサー
には、二次関数の計算量を持つアルゴリズムが使用されていることに
起因して意図しない CPU リソースが消費されてしまう問題があるため、
リモートの攻撃者により、引用符で囲まれ、かつバックスラッシュを
含むように細工された Cookie 値の解析を介して、サービス拒否攻撃
(CPU リソースの枯渇) を可能とする脆弱性が存在します。
(CVE-2024-7592)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-7592
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value.
追加情報:
N/A
ダウンロード:
SRPMS
- python3.12-3.12.5-2.el9_5.3.src.rpm
MD5: 624c73bd5b23a1cac1f92ab814c9ee1a
SHA-256: d719bbda82efaaa93fc5389b0e2e77ecda485cc7c166a71bca7c725add9ec94c
Size: 19.56 MB
Asianux Server 9 for x86_64
- python3.12-3.12.5-2.el9_5.3.i686.rpm
MD5: 78ef8b811666aee1ceceefde176a64fb
SHA-256: 0228d1268a6d1a573644053691d1d77e6fdaf04bf488d4f98e1e2fe9cb09f0df
Size: 26.64 kB - python3.12-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 9c87f600ee8df85ff26fb8bb2fdfb58d
SHA-256: edcaf3dd3cab8242abea3ac5b6e3a8f9b28eb462e5a1ee3717fb4479906b0f6b
Size: 26.55 kB - python3.12-debug-3.12.5-2.el9_5.3.i686.rpm
MD5: ce13e0d893ebbc3e0aec8fcc398e7709
SHA-256: 9d998848fa8e86773e53660f54a083d1576b73ee87d39ff8229865e2bd934f23
Size: 3.54 MB - python3.12-debug-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 5712297c1406772768bb490bb2040281
SHA-256: 8a7b54ffcf116ff31be9ecee12d96aa865457f78ffb4517e40200359f52c4818
Size: 3.70 MB - python3.12-devel-3.12.5-2.el9_5.3.i686.rpm
MD5: aa3ebb4facc00f5c45a926f1e81e8c0f
SHA-256: 7ed5716db1df2694858d3d8eb169539daea05527a73b5485aba8b5d007a46a68
Size: 327.21 kB - python3.12-devel-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 38804ff902e6901a5cbd058c68488be2
SHA-256: a048eea0f98aef6b96cd801f945d8cf4baf05bbc2c834b78d7ca1910b0bb6060
Size: 327.26 kB - python3.12-idle-3.12.5-2.el9_5.3.i686.rpm
MD5: 654f0b667edf54667f541b0c9f6f27f0
SHA-256: be36cd393d22fb9c1ffe3c83866cd4df7bcb6c5871f9dca72ac3d2044edf31f6
Size: 1.07 MB - python3.12-idle-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 7b62ced8781c2f4b62fee8f51dc8a29d
SHA-256: 7ad1ee2c85b8da2261ff0fd617ad868a8fc868f7be240ceb591930b5626266ee
Size: 1.07 MB - python3.12-libs-3.12.5-2.el9_5.3.i686.rpm
MD5: d8faa05ef05406d78cb7c08411fe6828
SHA-256: 00e53a4d7a990ad49876e11ca8e11fa93534d2b14d06b152e395caece093a79a
Size: 9.71 MB - python3.12-libs-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 1cbd30abe287bbedda3d7d78e1e29a4c
SHA-256: 97f4263cb27896aa58d0bc8d1adbf76ce9ec1ef6f9ed03497b9814d9da758c2d
Size: 9.66 MB - python3.12-test-3.12.5-2.el9_5.3.i686.rpm
MD5: 6f86be0cd5688f989e8f5b3b4d660c93
SHA-256: a7d2eba45a5edc44271106f6b83f7fd0a2599d8abf6bf0b172675d55b323b24e
Size: 15.55 MB - python3.12-test-3.12.5-2.el9_5.3.x86_64.rpm
MD5: 3a983d9392c992185c014e0a11d41aeb
SHA-256: 80a856207e3e893489bd0be0aedc5a8280236a2c65540bd6469395c8e9d6c8cd
Size: 15.55 MB - python3.12-tkinter-3.12.5-2.el9_5.3.i686.rpm
MD5: cbd6bd88892d322def92fb0f21e8ba18
SHA-256: 089d7b7733afce00e4084f1dae0b276ca1aafc9700cbc212979c937da260a6a0
Size: 422.34 kB - python3.12-tkinter-3.12.5-2.el9_5.3.x86_64.rpm
MD5: f203fd7027659de65863b61d94f0f914
SHA-256: 2b9f29e114a0d55e647a5e85ef40fddcd0f4bbaa987d4e531c64d6725d2d1dca
Size: 420.65 kB