ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2022.250.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2022-250-01)
Resumen:	The remote host is missing an update for the 'python3' package(s) announced via the SSA:2022-250-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python3' package(s) announced via the SSA:2022-250-01 advisory. Vulnerability Insight: New python3 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/python3-3.9.14-i586-1_slack15.0.txz: Upgraded. This is a security and bugfix release. gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'python3' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10735 FEDORA-2022-0b3904c674 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/ FEDORA-2022-141f632a6f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/ FEDORA-2022-29d436596f https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/ FEDORA-2022-46a44a7f83 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/ FEDORA-2022-4b31e33ed0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/ FEDORA-2022-66b65beccb https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/ FEDORA-2022-6d57598a23 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/ FEDORA-2022-72213986b8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/ FEDORA-2022-79843dfb3c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/ FEDORA-2022-8535093cba https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/ FEDORA-2022-958fd7a32e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/ FEDORA-2022-ac82a548df https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/ FEDORA-2022-b01214472e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/ FEDORA-2022-b8b34e62ab https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/ FEDORA-2022-c072cdc3c8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/ FEDORA-2022-d1682fef04 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/ FEDORA-2022-d4570fc1a6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/ FEDORA-2022-dd5032bedf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/ FEDORA-2022-f330bbfda2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/ FEDORA-2022-f511f8f58b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/ [oss-security] 20220921 Re: big ints in python: CVE-2020-10735 http://www.openwall.com/lists/oss-security/2022/09/21/4 [oss-security] 20220921 big ints in python: CVE-2020-10735 http://www.openwall.com/lists/oss-security/2022/09/21/1 https://access.redhat.com/security/cve/CVE-2020-10735 https://bugzilla.redhat.com/show_bug.cgi?id=1834423 https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y https://github.com/python/cpython/issues/95778 https://lists.debian.org/debian-lts-announce/2023/06/msg00039.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.