 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.819614 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora: Security Advisory for rust-python-launcher (FEDORA-2022-c4071e3dc7) |
| Summary: | The remote host is missing an update for the 'rust-python-launcher'; package(s) announced via the FEDORA-2022-c4071e3dc7 advisory. |
| Description: | Summary: The remote host is missing an update for the 'rust-python-launcher' package(s) announced via the FEDORA-2022-c4071e3dc7 advisory. Vulnerability Insight: The Python Launcher for Unix. Launch your Python interpreter the lazy/smart way! This launcher is an implementation of the py command for Unix-based platforms. The goal is to have py become the cross-platform command that Python users typically use to launch an interpreter while doing development. By having a command that is version-agnostic when it comes to Python, it side-steps the 'what should the python command point to?' debate by clearly specifying that upfront (i.e. the newest version of Python that can be found). This also unifies the suggested command to document for launching Python on both Windows as Unix as py has existed as the preferred command on Windows since 2012 with the release of Python 3.3. Typical usage would be: py -m venv .venv py ... # Whatever you would normally use `python` for during development. This creates a virtual environment in a .venv directory using the latest version of Python installed. Subsequent uses of py will then use that virtual environment as long as it is in the current (or higher) directory, no environment activation required (although the Python Launcher supports activated environments as well)! A non-goal of this launcher is to become the way to launch the Python interpreter all the time. If you know the exact interpreter you want to launch then you should launch it directly, same goes for when you have requirements on the type of interpreter you want. The Python Launcher should be viewed as a tool of convenience, not necessity. Affected Software/OS: 'rust-python-launcher' package(s) on Fedora 35. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-21658 https://github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7JKZDTBMGAWIFJSNWKBMPO5EAKRR4BEW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKGTACKMKAPRDPWPTU26GYWBELIRFF5N/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BK32QZLHDC2OVLPKTUHNT2G3VHWHD4LX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63NH72Q7UHJM5V3IVYRI7LVBGGFQMSQ/ https://security.gentoo.org/glsa/202210-09 https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html https://github.com/rust-lang/rust/pull/93110 https://github.com/rust-lang/rust/pull/93110/commits/32ed6e599bb4722efefd78bbc9cd7ec4613cb946 https://github.com/rust-lang/rust/pull/93110/commits/406cc071d6cfdfdb678bf3d83d766851de95abaf https://github.com/rust-lang/rust/pull/93110/commits/4f0ad1c92ca08da6e8dc17838070975762f59714 |
| Copyright | Copyright (C) 2022 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |