python3.9-3.9.25-3.el9_7.1
エラータID: AXSA:2026-295:02
リリース日:
2026/03/12 Thursday - 18:52
題名:
python3.9-3.9.25-3.el9_7.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- Python の imaplib モジュールには、リモートの攻撃者により、
不正なコマンドの実行を可能とする脆弱性が存在します。
(CVE-2025-15366)
- Python の poplib モジュールには、入力データのチェック処理に
不備があるため、リモートの攻撃者により、不正なコマンドの実行を
可能とする脆弱性が存在します。(CVE-2025-15367)
- Python には、入力データのチェック処理に不備があるため、
リモートの攻撃者により、データ破壊を可能とする脆弱性が存在します。
(CVE-2026-0865)
- Python の email モジュールには、リモートの攻撃者により、
情報の漏洩、およびデータ破壊を可能とする脆弱性が存在します。
(CVE-2026-1299)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2025-15366
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
CVE-2025-15367
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
CVE-2026-0865
User-controlled header names and values containing newlines can allow injecting HTTP headers.
User-controlled header names and values containing newlines can allow injecting HTTP headers.
CVE-2026-1299
The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules, the new behavior will reject the incorrectly folded headers in "BytesGenerator".
The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email folding rules, the new behavior will reject the incorrectly folded headers in "BytesGenerator".
追加情報:
N/A
ダウンロード:
SRPMS
- python3.9-3.9.25-3.el9_7.1.src.rpm
MD5: a973b84e04bffd9e1141389bad3d654b
SHA-256: 27ca62a7078ecaec9afed58ebab835c118e1dd21dea4c06f6f8c7324fe422e7a
Size: 19.85 MB
Asianux Server 9 for x86_64
- python3-3.9.25-3.el9_7.1.i686.rpm
MD5: 4d3aaadfd3ba8150435a7e3d3e2e44c7
SHA-256: 6e5f57c986364eec1599049c89628bcc3579f5bc2129ee6e3f6ad6e807e2ff72
Size: 25.89 kB - python3-3.9.25-3.el9_7.1.x86_64.rpm
MD5: c2b155e4f1a09c94cdeed79e9716cf57
SHA-256: 40119672def54bdb2367fc861a928cd76b77550b2ad9b1344605b60898f81001
Size: 25.91 kB - python3-debug-3.9.25-3.el9_7.1.i686.rpm
MD5: 3cf3f5606a6d5cb1d1470ed5cb4d47f8
SHA-256: 1bca9bd435628d0058c5c3ed052c4674d6784b0fe596db4c95aa87f6508dab4f
Size: 2.88 MB - python3-debug-3.9.25-3.el9_7.1.x86_64.rpm
MD5: 51c01da0fa2c9b8bc0f482094d874f74
SHA-256: 800b119075d9c920dabbeb15d72b1501491267fb894a07ade3ab641db7e4b27a
Size: 3.04 MB - python3-devel-3.9.25-3.el9_7.1.i686.rpm
MD5: 33e9a9ff1e9aaf461529390c772e0de5
SHA-256: 972743bb404cdeb931b57abf24a4f0fba8f6ee4b5146b71f7d4a87794427bdcd
Size: 245.58 kB - python3-devel-3.9.25-3.el9_7.1.x86_64.rpm
MD5: a5e01a42b29171d1150e3ebfb962a915
SHA-256: 9b5778dcbebd5f38bbc04a8fc03987eeb7b6aede0a0c7561f1423c0d91c6ff8f
Size: 245.42 kB - python3-idle-3.9.25-3.el9_7.1.i686.rpm
MD5: 09b3e8b780013dd9aa8b1aa5764ab8e0
SHA-256: e2b069692cefd131d20636c8501b71810244a3f9bcbdba83d7cb9c580933ddea
Size: 889.05 kB - python3-idle-3.9.25-3.el9_7.1.x86_64.rpm
MD5: 326103d27cf99a12ad9f74ac9ef887df
SHA-256: 81988bf1fbdff539c8751612be92b70c16023b7b28df36cd6c02c3f496b905af
Size: 889.16 kB - python3-libs-3.9.25-3.el9_7.1.i686.rpm
MD5: c46d02018afe712f5876c075ce0a405b
SHA-256: 642edf6c28eb4970acda8d27fdd5da88228ba9d6add75b66c08df38805e435b2
Size: 8.09 MB - python3-libs-3.9.25-3.el9_7.1.x86_64.rpm
MD5: ffa36deffe5d7fa8c00acf932fec4431
SHA-256: 696f633031dfcd90089922770a720d71c356103cbc8d90486acd95256685e024
Size: 8.04 MB - python3-test-3.9.25-3.el9_7.1.i686.rpm
MD5: ffae505ae9dba62afb5ddf74bfd51802
SHA-256: eae167645b2db636b0997ccb147527087dd1da77f53e0447ce4b48538627304d
Size: 10.21 MB - python3-test-3.9.25-3.el9_7.1.x86_64.rpm
MD5: e549054e80f29088aef0504c9682a8f8
SHA-256: 169f6bff18a4e30ee4bed9a8e64a606f0e231ce4fbd815ba2503ef319245c97a
Size: 10.20 MB - python3-tkinter-3.9.25-3.el9_7.1.i686.rpm
MD5: 806ff83acf2a78012d1468c5f5f57b60
SHA-256: c03e56585a080c37623de15dd6f375be57448ac2e2bec527840d888d31dd8538
Size: 343.40 kB - python3-tkinter-3.9.25-3.el9_7.1.x86_64.rpm
MD5: 167b65a59b4103405ccd799535a02cf8
SHA-256: a43e4cd7a9cf9e17d01c0d637b0d1ee3912564b957d8c3bf07300b3931f37b04
Size: 341.97 kB - python-unversioned-command-3.9.25-3.el9_7.1.noarch.rpm
MD5: e74533f9802ff995700d732314efb36c
SHA-256: 1098e7adc021b27ee4c268b449eff3ca0c38f6c9068c26ac8a5a37a84b14f5c4
Size: 9.26 kB
English