Mageia 2019-0135: python3 security update
Summary
Python's elementtree C accelerator failed to initialise Expat's hash salt
during initialization. This could make it easy to conduct denial of service
attacks against Expat by contructing an XML document that would cause
pathological hash collisions in Expat's internal data structures, consuming
large amounts CPU and RAM (CVE-2018-14647).
Modules/_pickle.c in Python before 3.5.7 has an integer overflow via a large
LONG_BINPUT value that is mishandled during a "resize to twice the size"
attempt. This issue might cause memory exhaustion, but is only relevant if
the pickle format is used for serializing tens or hundreds of gigabytes of
data
(CVE-2018-20406).
A null pointer dereference vulnerability was found in the certificate
parsing code in Python. This causes a denial of service to applications when
parsing specially crafted certificates. This vulnerability is unlikely to be
triggered if application enables SSL/TLS certificate validation and accepts
certificates only from trusted root certificate authorities (CVE-2019-5010).
A vulnerability was found in Python 3.x through 3.5.7. An improper Handling
of Unicode Encoding (with an incorrect netloc) during NFKC normalization could
lead to an Information Disclosure (credentials, cookies, etc. that are cached
against a given hostname) in the urllib.parse.urlsplit, urllib.parse.urlparse
components. A specially crafted URL could be incorrectly parsed to locate
cookies or authentication data and send that information to a different host
than when parsed correctly (CVE-2019-9636).
The python3 package has been updated to version 3.5.7, fixing these and other
issues.
References
- https://bugs.mageia.org/show_bug.cgi?id=23664
- https://pythoninsider.blogspot.com/2019/03/python-3.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A7QEHDSATR6O6LCG44EN2DA4QDAYBYWW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20406
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636
Resolution
MGASA-2019-0135 - Updated python3 packages fix security vulnerability
SRPMS
- 6/core/python3-3.5.7-1.mga6