SUSE-SU-2022:4071-1 -- SLES python39, libpython3_9-1_0ID: oval:org.secpod.oval:def:89047914 | Date: (C)2022-11-23 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for python39 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method . - CVE-2022-45061: Fixed a quadratic IDNA decoding time . Other fixes: - Allow building of documentation with the latest Sphinx 5.3.0 . - Update to 3.9.15: - Fix multiplying a list by an integer : detect the integer overflow when the new allocated length is close to the maximum size. - Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. - Fix command line parsing: reject -X int_max_str_digits option with no value when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit. - When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits function in the error message. - Update bundled libexpat to 2.4.9
Platform: |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
python39 |
libpython3_9-1_0 |