Release Info

Advisory: CLSA-2024:1727288754

OS: CloudLinux 7 ELS

Public date: 2024-09-25 14:25:57

Project: python3

Version: 3.6.8-21.el7_9.tuxcare.els4

Errata link: https://errata.cloudlinux.com/cloudlinux7els/CLSA-2024-1727288754.html

Changelog

- CVE-2024-6232: remove backtracking when parsing tarfile headers - CVE-2024-7592: fix quadratic complexity in parsing "-quoted cookie values with backslashes

Update

Update command: yum update python3*

Packages list

python3-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-debug-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-debug-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-devel-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-devel-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-idle-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-idle-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-libs-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-libs-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-test-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-test-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.i686.rpm python3-tkinter-3.6.8-21.el7_9.tuxcare.els4.x86_64.rpm

CVEs

CVE-2022-0391
CVE-2022-48560
CVE-2023-6597
CVE-2022-48564
CVE-2022-48565
CVE-2021-3737
CVE-2021-3177
CVE-2021-28861
CVE-2022-45061
CVE-2024-6232
CVE-2020-26116
CVE-2024-7592