python3.10:bookworm is vulnerable to Denial Of Service (DoS). The vulnerability exists in int()
and PyLong_FromString()
due to not limit amount of digits converting text to int leading which allows an attacker to cause an application crash via a malicious input.
www.openwall.com/lists/oss-security/2022/09/21/1
www.openwall.com/lists/oss-security/2022/09/21/4
access.redhat.com/errata/RHSA-2022:6766
access.redhat.com/errata/RHSA-2022:7323
access.redhat.com/security/cve/CVE-2020-10735
bugzilla.redhat.com/show_bug.cgi?id=1834423
docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y
github.com/python/cpython/issues/95778
lists.debian.org/debian-lts-announce/2023/06/msg00039.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/
lists.fedoraproject.org/archives/list/[email protected]/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/
lists.fedoraproject.org/archives/list/[email protected]/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/
lists.fedoraproject.org/archives/list/[email protected]/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/
lists.fedoraproject.org/archives/list/[email protected]/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/
lists.fedoraproject.org/archives/list/[email protected]/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/
lists.fedoraproject.org/archives/list/[email protected]/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/
lists.fedoraproject.org/archives/list/[email protected]/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/
lists.fedoraproject.org/archives/list/[email protected]/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/
lists.fedoraproject.org/archives/list/[email protected]/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/
lists.fedoraproject.org/archives/list/[email protected]/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/
lists.fedoraproject.org/archives/list/[email protected]/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/
lists.fedoraproject.org/archives/list/[email protected]/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/
lists.fedoraproject.org/archives/list/[email protected]/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/
lists.fedoraproject.org/archives/list/[email protected]/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/
lists.fedoraproject.org/archives/list/[email protected]/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/
lists.fedoraproject.org/archives/list/[email protected]/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/
lists.fedoraproject.org/archives/list/[email protected]/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/
lists.fedoraproject.org/archives/list/[email protected]/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/
lists.fedoraproject.org/archives/list/[email protected]/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/
lists.fedoraproject.org/archives/list/[email protected]/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/
security-tracker.debian.org/tracker/CVE-2020-10735