Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Ubuntu 22.04 LTS: 5632-1 Moderate: OAuthLib Denial Of Service

ubuntu
Calendar Grey September 22, 2022
Dist Ubuntu Esm H88
Uncover the potential flaw in OAuthLib on Ubuntu that could lead to service disruption via intentionally designed network packets.
OAuthLib could be made to crash if it received specially crafted network traffic.

Summary

OAuthLib could be made to crash if it received specially crafted network

traffic.

Software Description:

- python-oauthlib: generic, spec-compliant implementation of OAuth for Python3

Details:

Sebastian Chnelik discovered that OAuthLib incorrectly handled certain

redirect uris. A remote attacker could possibly use this issue to cause

OAuthLib to crash, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  python3-oauthlib                3.2.0-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5632-1

CVE-2022-36087

September 22, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.