[CLSA-2024:1727289456] python: Fix of CVE-2024-6232
Type:
security
Severity:
Important
Release date:
2024-09-25 18:37:41 UTC
Description:
- CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
Updated packages:
  • python-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:84ddd876f26a6a87440641144dd8358445e414d0b491f54bd995bf8a4dceecac
  • python-debug-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:f1aaeb71dc3f410e7c1dfa89fd877a8e727356c885378fbc3732c1f9f4622238
  • python-devel-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:c62ef0c759a86b15187c9547802f3694954e36520563f5b618c4d0ca347f98d1
  • python-libs-2.7.5-94.el7_9.tuxcare.els4.i686.rpm
    sha:59a0bbb309c161a5082e8142fbb15f1589f32c45d6a23ef3e0a3010a8c0b345d
  • python-libs-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:b46c246b21227c46c617bb933f2d6acfb0945c5df60739cf1fdf3e94c2106870
  • python-test-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:ee2c8d8e72326779f61f003bb5a151050ba8ed903429d23b91dfc187bafb56a1
  • python-tools-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:532fdf0290bfed042fc0e808c9ec5d05b0d5829ee5f88a9feb165124d1f0bee0
  • tkinter-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:a3cf13aa9f33939c214389f5e646327285e7b18d469c5cf7e75e61a75063b6b2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.