Ubuntu Security Notice 5767-2 - USN-5767-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash.
63c7337bd47f13871b70d5ee38366430f1b2adff27aa41fb426d28bd98c80b47Ubuntu Security Notice 5767-1 - Nicky Mouha discovered that Python incorrectly handled certain SHA-3 internals. An attacker could possibly use this issue to cause a crash or execute arbitrary code. It was discovered that Python incorrectly handled certain IDNA inputs. An attacker could possibly use this issue to expose sensitive information denial of service, or cause a crash.
7c1e978b221fce1e3215a3c441af36781bffe05e45a13e452423ec7ff4141283Red Hat Security Advisory 2022-8849-01 - An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 16.2.4 (Train).
b5f2399b157132ac68978227b44fcc1e661060d2608fe5b0472f9901a19901f3Red Hat Security Advisory 2022-8852-01 - A fast multidimensional array facility for Python. Issues addressed include a null pointer vulnerability.
e7c358fe90f07722512e48d1b79078c54950be8243c60d15e1998e34cfef993bRed Hat Security Advisory 2022-8873-01 - An update for python-oslo-utils is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.
cc0254af4ecc595e7fa8b392f35777ae1c6474a1add6cc4bfec7cb137ec72c77Red Hat Security Advisory 2022-8866-01 - An update for python-XStatic-Angular is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.
1fcce3aa39ba096635f45398699a10f744fdb8132d0c7c26b57a7bc9471499cbRed Hat Security Advisory 2022-8848-01 - An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.2.4 (Train). Issues addressed include a cross site scripting vulnerability.
46ee431b947d20c69f38872fd39dfcd3702dc646d47966e225313f566f6bb925Red Hat Security Advisory 2022-8865-01 - An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Issues addressed include a cross site scripting vulnerability.
39dd9724eb6ce3d1cc9b544af396e6183ee8e5389f325d6875ed8ede5c9bdb84Red Hat Security Advisory 2022-8853-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.2.4 (Train) for Red Hat Enterprise Linux (RHEL) 8.4. Issues addressed include cross site scripting and denial of service vulnerabilities.
b1ffbe4826331e7e7e393e95b639b6c12acc38f9635633508dead64541997d6fRed Hat Security Advisory 2022-8856-01 - An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.2.4 (Train) on Red Hat Enterprise Linux (RHEL) 8.4.
73f783affb3a1f670394244a0773cadb828e58a0520a0553bdd24b4a4b707754Red Hat Security Advisory 2022-8854-01 - An update for python-scciclient is now available for Red Hat OpenStack Platform 16.2.4 (Train) director for Red Hat Enterprise Linux (RHEL) 8.4.
54c5f8a5950ff7805f053b6ab3142875d10a9c33b40322711472ecb88f460646Red Hat Security Advisory 2022-8872-01 - An update for python-django20 is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Issues addressed include cross site scripting, denial of service, remote shell upload, and remote SQL injection vulnerabilities.
e5e7d087bfcb84b64424f6f5ba3f374d1774f83da6dd2bb3d702e487b2cbd58bRed Hat Security Advisory 2022-8863-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.
59534817e9e5c4ed208e21817cc8d384718759ee9feaec332ee49ea7ba65f1b5Red Hat Security Advisory 2022-8861-01 - A fast multidimensional array facility for Python. Issues addressed include a null pointer vulnerability.
db4e9d888f93ad8c6a4af87ab7d72478e3a64fa36c30ba62261e5a5998b3d9a3Red Hat Security Advisory 2022-8868-01 - An update for python-scciclient is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.
44e92dcd554e330adb9200d54d3d3190961f86b46fc4fef057c3baa7cb85c9d7Red Hat Security Advisory 2022-8845-01 - Paramiko is a module for python 2.3 or greater that implements the SSH2 protocol for secure connections to remote machines. Unlike SSL, the SSH2 protocol does not require heirarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel.
a6a2060126d1be99be2aca8297f1257ee4619fcacb1e48e24b430da0c6b1eb8cA directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.
7aa7ca72652dab91234127d8332a19316f0f61be17e1c626e65aae18d9435347Ubuntu Security Notice 5763-1 - It was discovered that NumPy did not properly manage memory when specifying arrays of large dimensions. If a user were tricked into running malicious Python file, an attacker could cause a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that NumPy did not properly perform string comparison operations under certain circumstances. An attacker could possibly use this issue to cause NumPy to crash, resulting in a denial of service.
40ada0f71cfe2246d74c5f52c1ed606d4312af2338630c27267a73a8c26a3306Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
0127fca069d9b37d986cb18e84406f7e4e056b54f050f28400442b28945635cbRed Hat Security Advisory 2022-8493-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
830e84737049728164089fedffb46a7456defd19bcdcd6e15286d0fe9df4be79Red Hat Security Advisory 2022-8492-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a privilege escalation vulnerability.
6cf3a3fb83078828d12c9df5d5fe73dbfad72c496a535112ea92891acff4047dRed Hat Security Advisory 2022-8226-01 - lxml is an XML processing library providing access to libxml2 and libxslt libraries using the Python ElementTree API. Issues addressed include a null pointer vulnerability.
c7a7d8016e3f6e1bbea20fd6fe23d693073c38fd02b640fad0cb11e1c2e5708eRed Hat Security Advisory 2022-8353-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include information leakage and open redirection vulnerabilities.
625ea5260bb99c4f63602364f0a05f4244de78b2f36f0c62be4b3fe80c971b0aRed Hat Security Advisory 2022-7581-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
f5c969e85fb89a391552f03295f4cf097c926e26a196210f6030b00afa0d9bb9Red Hat Security Advisory 2022-7593-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing.
c9698036ccccf35f38744b451c5bcec4034590ecce5a7afd3260a039f38c1c77
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed