[CLSA-2024:1727289167] python: Fix of CVE-2024-6232
Type:
security
Severity:
Critical
Release date:
2024-09-25 18:32:52 UTC
Description:
- CVE-2024-6232: fixed regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.
Updated packages:
  • python-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:d52fac9c15d63aadb4847490d9e0ea4883c843945208408e91ac3103b5b1bb93
  • python-debug-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:111c609358a1439b2258a51f63729dd5d26f40671cbdf658d4333f2626a97131
  • python-devel-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:6f2e2a9a663e147ad9554ab3c1b76dacceaf64b502eb1876aac3169ff13c82be
  • python-libs-2.7.5-94.el7_9.tuxcare.els4.i686.rpm
    sha:633175139a16f4117354a76631846ac22bc756b7f096ba0343cdb001538e7681
  • python-libs-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:52344f9e4450ee25914762eeb1262ca485eef56877a4f0a5e4290ab9b9d3bc7e
  • python-test-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:5472daec18355ba12782dfb9b60a72d1858b3a0e3ac6ddecbad782c557097b7e
  • python-tools-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:ee78d075306139cb277fed602e6508bf217ade551b3de30ea64c1697626839de
  • tkinter-2.7.5-94.el7_9.tuxcare.els4.x86_64.rpm
    sha:9a4592e53de8d0448450a97e7362117828768f6ee8582d2d2149c35be699b585
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.