CLSA-2024:1720548691

[CLSA-2024:1720548691] python3: Fix of 2 CVEs

Type:

security

Severity:

Important

Release date:

2024-07-09 18:11:34 UTC

Description:

- CVE-2023-6597: Prevent tempfile.TemporaryDirectory class dereference symlinks
- CVE-2024-0450: Make zipfile module reject zip archives which overlap entries
  in the archive. Prevent “quoted-overlap” zip-bombs exploit.

Updated packages:

platform-python-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:21e6e86169617ace84fdb0eaf49d781840e5f060
platform-python-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:c51be28b16f08930547450d6212cd883737d56f9
platform-python-debug-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:992de2b193b50e06042c6b842bdbc76685cec5ef
platform-python-debug-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:80f6e56447d3a70f5b2d29d10ebfd9056288847b
platform-python-devel-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:cd72cdce75a900ed362e0bae18fce06fca8396da
platform-python-devel-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:7b4ac74fb70189a2c3acc8e82ebdc26a1ea2bbdc
python3-devel-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:53dfa4ba71a6991ca68eac3fb0679a89a17c324d
python3-idle-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:3cc6649c71057ebcdc680dd61654c71181651c9c
python3-idle-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:642c755ba8177d42c4d550342456aae4e173f689
python3-libs-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:f270faa558d75409c7f6000e269c05e43dcb422c
python3-libs-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:9e1d108e99bfdca9c3d5319eda4691ac213758c0
python3-test-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:087657ab17dbec14dcfb63665fc0dd66686a7e60
python3-test-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:6d881240336b7247cda23bc6e698ddf4b11870e7
python3-tkinter-3.6.8-42.el8.tuxcare.els6.i686.rpm
sha:eed4028e5d990f550b2f581844a2435792a81c41
python3-tkinter-3.6.8-42.el8.tuxcare.els6.x86_64.rpm
sha:60e907fb0a602d82b8d89adc4d9da984e848097a

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.