Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Mageia 8: MGASA-2022-0029 Moderate: Python-Celery Stored Command Injection

mageia
Calendar Grey January 25, 2022
Dist Mageia Esm H88
The Avalon Security Notice MGASA-2022-0030 discloses a vital update for python-django addressing a severe cross-site scripting vulnerability.
Stored Command Injection (CVE-2021-23727) Also fixes unfulfilled python3.8dist(billiard) installing pythone-celery

Summary

Stored Command Injection (CVE-2021-23727) Also fixes unfulfilled python3.8dist(billiard) installing pythone-celery.

References

- https://bugs.mageia.org/show_bug.cgi?id=29897

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SYXRGHWHD2WWMHBWCVD5ULVINPKNY3P5/

- https://www.cve.org/CVERecord?id=CVE-2021-23727

Resolution

SRPMS

- 8/core/python-celery-5.0.5-1.1.mga8

- 8/core/python-billiard-3.6.4.0-1.mga8

Publication date: 25 Jan 2022
URL: https://advisories.mageia.org/MGASA-2022-0029.html
Type: security
CVE: CVE-2021-23727

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here