Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2018.0270
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2018-0270)
Zusammenfassung:	The remote host is missing an update for the 'python3' package(s) announced via the MGASA-2018-0270 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'python3' package(s) announced via the MGASA-2018-0270 advisory. Vulnerability Insight: Updated python3 packages fix security vulnerabilities: A flaw was found in the way catastrophic backtracking was implemented in Python's pop3lib's apop() method. An attacker could use this flaw to cause denial of service (CVE-2018-1060). A flaw was found in the way catastrophic backtracking was implemented in Python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service (CVE-2018-1061). Possible denial of service vulnerability due to a missing check in Lib/wave.py to verify that at least one channel is provided (CVE-2017-18207). Affected Software/OS: 'python3' package(s) on Mageia 5, Mageia 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-18207 https://bugs.python.org/issue32056 SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2018-1060 Debian Security Information: DSA-4306 (Google Search) https://www.debian.org/security/2018/dsa-4306 Debian Security Information: DSA-4307 (Google Search) https://www.debian.org/security/2018/dsa-4307 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/ https://www.oracle.com/security-alerts/cpujan2020.html https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html RedHat Security Advisories: RHBA-2019:0327 https://access.redhat.com/errata/RHBA-2019:0327 RedHat Security Advisories: RHSA-2018:3041 https://access.redhat.com/errata/RHSA-2018:3041 RedHat Security Advisories: RHSA-2018:3505 https://access.redhat.com/errata/RHSA-2018:3505 RedHat Security Advisories: RHSA-2019:1260 https://access.redhat.com/errata/RHSA-2019:1260 RedHat Security Advisories: RHSA-2019:3725 https://access.redhat.com/errata/RHSA-2019:3725 http://www.securitytracker.com/id/1042001 https://usn.ubuntu.com/3817-1/ https://usn.ubuntu.com/3817-2/ Common Vulnerability Exposure (CVE) ID: CVE-2018-1061
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.