openSUSE 15 Security Update : python-mysql-connector-python (openSUSE-SU-2024:0351-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0351-1 advisory. - Update to 9.1.0 boo1231740, CVE-2024-21272 - WL16452: Bundle all installable authentication plugins when building the C-extension - WL16444: Drop build...

python3.11 security update

3.11.10-1.0.1 - Update rpm-macros description Orabug: 36024572 3.11.10-1 - Update to 3.11.10 Resolves: RHEL-57400...

python310-pytest-html-4.1.1-3.1 on GA media (moderate)

python310-pytest-html-4.1.1-3.1 on GA media Announcement ID: openSUSE-SU-2024:14433-1 Rating: moderate Cross-References: CVE-2024-48948 CVSS scores: CVE-2024-48948 SUSE : 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L CVE-2024-48948 SUSE : 6.3...

python312-3.12.6-1.1 on GA media (moderate)

python312-3.12.6-1.1 on GA media Announcement ID: openSUSE-SU-2024:14370-1 Rating: moderate Cross-References: CVE-2024-6232 CVE-2024-7592 CVSS scores: CVE-2024-6232 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-6232 SUSE : 8.9...

RHSA-2016:1629 Red Hat Security Advisory: python33-python security update

Bulletin has no description...

RHSA-2024:4456 Red Hat Security Advisory: python3 security update

Bulletin has no description...

Medium: python3.9

Issue Overview: A defect was discovered in the Python "ssl" module where there is a memory race condition with the ssl.SSLContext methods "certstorestats" and "getcacerts". The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContex...

AZL-42811 CVE-2024-4032 affecting package python3 for versions less than 3.9.19-6

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

python3.12-cffi bug fix and enhancement update

An update is available for python3.12-cffi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

SUSE-SU-2024:1667-1 Security update for python

This update for python fixes the following issues: - CVE-2023-52425: Fixed using the system libexpat bsc1219559. - CVE-2023-27043: Modifed fix for unicode string handling in email.utils.parseaddr bsc1222537. - CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq bsc1214675. Bug...

PT-2024-7267 · Python +1 · Python +1

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.13 Description: The issue is related to the tempfile.mkdtemp function in Python, which on Windows, may not always set the correct permissions for the temporary directory, allowing other users to read and write to it...

SUSE-FU-2024:1448-1 Feature update for python-M2Crypto

This update for python-M2Crypto fixes the following issue: - Build for modern python stack - Adds python311-M2Crypto...

Medium: python3.11

Issue Overview: An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to "quoted-overlap" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed...

SUSE-SU-2024:0782-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory bsc1219666. - CVE-2023-27043: Fixed incorrect e-mqil parsing bsc1210638. - CVE-2022-25236: Fixed an expat vulnerability by supporting expat = 2.4.4 bsc1212015...

PT-2024-1782

Name of the Vulnerable Software and Affected Versions: libexpat versions 2.5.0 and earlier Description: The issue is related to an uncontrolled resource consumption in the libexpat library, which is used for XML parsing. This can be exploited by a remote attacker to cause a denial of service. The...

Medium: python3.11

Issue Overview: An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. CVE-2023-24329 The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts , allowing host...

SUSE-SU-2023:3828-2 Security update for python3

This update for python3 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692...

SUSE-SU-2023:3824-1 Security update for python310

This update for python310 fixes the following issues: - Update to 3.10.13. - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692 The following non-security bug was fixed: - stabilizing FLAGREF usage required for reproduceability bsc1213463...

SUSE-SU-2023:3731-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692...

SUSE-SU-2023:3730-1 Security update for python

This update for python fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692...