Fedora 40 Security Advisory for python-astropy: CVE-2023-41334 RCE Alert
fedora
July 5, 2024
Security fix for CVE-2023-41334
Summary
The Astropy project is a common effort to develop a single core package
for Astronomy. Major packages such as PyFITS, PyWCS, vo, and asciitable
already merged in, and many more components being worked on. In
particular, we are developing imaging, photometric, and spectroscopic
functionality, as well as frameworks for cosmology, unit handling, and
coordinate transformations.
Update Information:
Security fix for CVE-2023-41334
Topics Covered
Change Log
* Wed Jun 26 2024 Sergio Pascual
- SPDX migration, license is BSD-3-Clause AND CFITSIO
References
[ 1 ] Bug #2270185 - CVE-2023-41334 python-astropy: Remote code execution in TranformGraph().to_dot_graph function
https://bugzilla.redhat.com/show_bug.cgi?id=2270185
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-d329148f1e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python-astropy
Product: Fedora 40
Version: 5.3.3
Release: 1.fc40
Summary: A Community Python Library for Astronomy
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!