
Mageia 7 MGASA-2020-0451 Moderate: Python Denial Of Service Issues

December 8, 2020
MGASA-2020-0452 tackles security flaws within various Python libraries, rectifying several vulnerabilities affecting Mageia.

Summary

It was discovered that Python incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service (CVE-2019-9674).
It was discovered that the Python documentation contained misleading information. A security issue could possibly be caused by wrong assumptions based on this information (CVE-2019-17514).
It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service (CVE-2019-20907).
It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service (CVE-2020-8492).
It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service (CVE-2020-14422).
It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection (CVE-2020-26116).
The CVE-2020-14422 is...


References

- https://bugs.mageia.org/show_bug.cgi?id=26268

- https://ubuntu.com/security/notices/USN-4428-1

- https://ubuntu.com/security/notices/USN-4333-1

- https://ubuntu.com/security/notices/USN-4581-1

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BW4GCLQISJCOEGQNIMVUZDQMIY6RR6CC/

- https://access.redhat.com/errata/RHSA-2020:4273

- https://access.redhat.com/errata/RHSA-2020:4299

- https://access.redhat.com/errata/RHSA-2020:4433

- https://www.cve.org/CVERecord?id=CVE-2019-9674

- https://www.cve.org/CVERecord?id=CVE-2019-17514

- https://www.cve.org/CVERecord?id=CVE-2019-20907

- https://www.cve.org/CVERecord?id=CVE-2020-8492

- https://www.cve.org/CVERecord?id=CVE-2020-14422

- https://www.cve.org/CVERecord?id=CVE-2020-26116

Resolution

SRPMS

- 7/core/python-2.7.18-1.1.mga7

- 7/core/python3-3.7.9-1.mga7

Severity
important

Publication date: 08 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0451.html
Type: security
CVE: CVE-2019-9674, CVE-2019-17514, CVE-2019-20907, CVE-2020-8492, CVE-2020-14422, CVE-2020-26116
