python3-3.6.8-21.0.4.el7.AXS7
エラータID: AXSA:2025-11000:05
リリース日:
2025/10/28 Tuesday - 17:38
題名:
python3-3.6.8-21.0.4.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- Python の tarfile モジュールの tarfile.extract() 関数および
tarfile.extractall() 関数には、ディレクトリトラバーサル攻撃を許容
してしまう問題があるため、ローカルの攻撃者により、細工された TAR
形式のアーカイブの展開処理を介して、任意のファイルの上書きによる
破壊を可能とする脆弱性が存在します。(CVE-2007-4559)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
追加情報:
N/A
ダウンロード:
Asianux Server 7 for x86_64
- python3-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: f478e3c599778cea0a7679c60a67dcf2
SHA-256: 66d74152eb658dc6c7b76030ef8f4d90e3823dab998ad7e7fa5fcd75c24dc8ca
Size: 71.74 kB - python3-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: dd29f397815d1dd00162b2218aae371d
SHA-256: 4c177ce17c873d432bb8b94dbaaffcb8f6b62fc94de12e17b390e12f3a2cb209
Size: 71.68 kB - python3-debug-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: dfeacf8f4f8ce5d4d85978406b5bd366
SHA-256: 78b633449dc202bec7c3207384e339df6a6cde6e6a95189d19d10f02242beb76
Size: 2.42 MB - python3-debug-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: d8af311ece0881c900254c10659311ad
SHA-256: 164a2742a65b0049d0956f44b10616f431e3f21b3580d2bf61a5cc7a8976557f
Size: 2.64 MB - python3-devel-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: b62fc23dbf2647b7651b5e644ba2df17
SHA-256: 7f61a905269a53246a7bedf4988b16a3469b0af72fb5f1646117c35fed2b1893
Size: 218.55 kB - python3-devel-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: 8777f981b42a5c20787be44734d1dd7c
SHA-256: 2aeabd2e098aed960b0be17fd072242ddb8ae4c806d6ce3bc44191bf398f9d7c
Size: 218.36 kB - python3-idle-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: 28ff7f00a980c70311f448c3dd11a57a
SHA-256: dfed98264ab82fe3235204d71e816317df0baf28b4cbd5071ef67a5fbc9d245c
Size: 780.79 kB - python3-idle-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: 52b3953533a06fc30d71ca038985217f
SHA-256: 3cf2e37d91d107afec9ed7e6fcec4521a96ebba436d9ef494dcafb8f6167f0b0
Size: 780.75 kB - python3-libs-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: 20fdd728acb821184350621785726f55
SHA-256: 0a04f4c3042493b9b2a632c7bf428f3a0c10afdc2ed29f80cbe47d65de298fc1
Size: 6.86 MB - python3-libs-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: 7fd25bc3a41d9d88123aa8df4a671b5f
SHA-256: af6b1317b5fd2c70ade77cb28347118ce114dbf4af183a46f104bdfb6f65ad0f
Size: 6.95 MB - python3-test-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: f421e33681fdf5551d5390090b5d0198
SHA-256: f635d2d08861f9d5dc539323af4c88138b3221b5916b9231a9a59d6ec90b072f
Size: 7.28 MB - python3-test-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: 1c716b0da8847ace132b7ffc029a5642
SHA-256: 862c5ddb552dfd8bed7c00930f79cfb365503d129f962781b882f4e29307d69c
Size: 7.27 MB - python3-tkinter-3.6.8-21.0.4.el7.AXS7.i686.rpm
MD5: 67780d75a2b1d8803ad394d9d6a8d336
SHA-256: 838ffe0f63a2204405daa86efd4eb5a097e72d2033c597b11f6247f1734d185c
Size: 367.12 kB - python3-tkinter-3.6.8-21.0.4.el7.AXS7.x86_64.rpm
MD5: c7efd39a9f572d3d5c60d3ee111ddbbb
SHA-256: a7a4de2e064d5c5a182020d91a069964142996a6f159666acc8696fe95193cc4
Size: 367.05 kB
English