Fedora 40: 2024-ab8945c2bd critical: python-multipart DoS
fedora
December 10, 2024
Python-Multipart is a streaming multipart parser for Python.
Summary
Python-Multipart is a streaming multipart parser for Python.
Update Information:
Security update for CVE-2024-53981. 0.0.19 (2024-11-30) Don't warn when CRLF is found after last boundary on MultipartParser. 0.0.18 (2024-11-28) Hard break if found data after last boundary on MultipartParser.
Topics Covered
Change Log
* Sun Dec 1 2024 Benjamin A. Beasley
References
[ 1 ] Bug #2329410 - python-python-multipart-0.0.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2329410
[ 2 ] Bug #2329676 - python-python-multipart-0.0.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2329676
[ 3 ] Bug #2330006 - CVE-2024-53981 python-multipart: python-multipart has a DoS via deformation `multipart/form-data` boundary [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2330006
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ab8945c2bd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python-multipart
Product: Fedora 40
Version: 0.0.19
Release: 1.fc40
Summary: A streaming multipart parser for Python
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!