You are here
Home > Preporuke > Sigurnosni nedostatak programskog jezika python 2.7

Sigurnosni nedostatak programskog jezika python 2.7

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2020-e9251de272
2020-07-24 01:13:00.082811
——————————————————————————–

Name : python27
Product : Fedora 32
Version : 2.7.18
Release : 2.fc32
URL : https://www.python.org/
Summary : Version 2.7 of the Python interpreter
Description :
Python 2 is an old version of the language that is incompatible with the 3.x
line of releases. The language is mostly the same, but many details, especially
how built-in objects like dictionaries and strings work, have changed
considerably, and a lot of deprecated features have finally been removed in the
3.x line.

Note that Python 2 is not supported upstream after 2020-01-01, please use the
python3 package instead if you can.

This package also provides the “python2” executable.

——————————————————————————–
Update Information:

Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)
——————————————————————————–
ChangeLog:

* Mon Jul 20 2020 Petr Viktorin <pviktori@redhat.com> – 2.7.18-2
– Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1856481
——————————————————————————–
References:

[ 1 ] Bug #1856485 – CVE-2019-20907 python2: python: infinite loop in the tarfile module via crafted TAR archive [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1856485
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-e9251de272’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorFilip Omazic
Cert idNCERT-REF-2020-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Ranjivost Cisco Adaptive Security Appliance Software and Firepower Threat Defense softvera

Otkrivena je ranjivost kod Cisco Adaptive Security Appliance Software and Firepower Threat Defense softvera. Potencijalni napadač bi ranjivosti mogao iskoristiti...

Close