1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5759-1] python3.11 security update

    From Moritz Muehlenhoff@21:1/5 to All on Tue Aug 27 13:30:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5759-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 27, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : python3.11
    CVE ID : CVE-2024-0397 CVE-2024-4032 CVE-2024-8088

    Multiple security issues were discovered in Python, a high-level,
    interactive, object-oriented language:

    CVE-2024-0397

    A race condition in the ssl module was found when accessing
    CA certificates.

    CVE-2024-4032

    The ipaddress module contained incorrect information whether
    some ipv4 and ipv6 address ranges are designated as globally
    reachable or private.

    CVE-2024-8088

    Incorrect handling of path names in the zipfile module could
    result in an infinite loop when processing a zip archive
    (resulting in denial of service)

    For the stable distribution (bookworm), these problems have been fixed in version 3.11.2-6+deb12u3.

    We recommend that you upgrade your python3.11 packages.

    For the detailed security status of python3.11 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/python3.11

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbNrEwACgkQEMKTtsN8 TjaT3w//VSRJYCGoVdKU8cdx82Q70C8qbMg044R/xeET4lwIGUP7iH5V71IVK3sj xSo5PpaXczZZEwCF8qPLytZ3uj/QDzYDW20uCz/78TQBYhA/DpB2OGwBOuLCJ+oF sNvA/tI9FQgqYJ8WsdmCTidjK4ftu5GQPHWHOWPf13ysUO9zfbH+Iwvr1g7UxhRu s+1UUaTGjj0B5XFaeFeCIW5oUjSn4FGXjjGdVeWAG8tUtLtDZZ/65ZbNfxLG13Wy 5xHne8V1KHfAFiEUI+ugiQuHaI/l1CCIEMoIztSncv1MAjl/QlxwpVGKtkevhABZ aR+i2wn2RR130BgOxrLigvy0TZIVnm51wpwncAleMGyseVRwghEeIsczOLry61Ut rvkx4CuOsk6wArBpKVmty4n/1U0iGjKCmvvDEjxTioDhhIeZJtaT61v6UiiVZiy9 CoHvz3ZLoe8WApTroco8LIiCug4bo55OgPRE7CFB2Qua7sp+TuD/nYK6dF+XKwPM Qpt7jGS7c5iD/GN8t1RbJusg568LjZWyXlqLZrFFSe2lkkud7UWHB8Z0kopi0l8x VmAfDHgxycBZH9l2QIsYwu01xadmvWrOzddwa5C9aU9SvWaRKt3TItOSbqj5NsTo ApzBr7cSPQsejvev5braLRcR89rJ1S2DLZ+dZZR9CT5hVZCZzFs=
    =TwPS
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)