mirror of
https://github.com/rocky-linux/sig-cloud-instance-images.git
synced 2024-12-29 20:30:55 +00:00
601 lines
74 KiB
HTML
601 lines
74 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<style>
|
|
* {
|
|
font-family: Arial, Helvetica, sans-serif;
|
|
}
|
|
h1 {
|
|
text-align: center;
|
|
}
|
|
.group-header th {
|
|
font-size: 200%;
|
|
}
|
|
.sub-header th {
|
|
font-size: 150%;
|
|
}
|
|
table, th, td {
|
|
border: 1px solid black;
|
|
border-collapse: collapse;
|
|
white-space: nowrap;
|
|
padding: .3em;
|
|
}
|
|
table {
|
|
margin: 0 auto;
|
|
}
|
|
.severity {
|
|
text-align: center;
|
|
font-weight: bold;
|
|
color: #fafafa;
|
|
}
|
|
.severity-LOW .severity { background-color: #5fbb31; }
|
|
.severity-MEDIUM .severity { background-color: #e9c600; }
|
|
.severity-HIGH .severity { background-color: #ff8800; }
|
|
.severity-CRITICAL .severity { background-color: #e40000; }
|
|
.severity-UNKNOWN .severity { background-color: #747474; }
|
|
.severity-LOW { background-color: #5fbb3160; }
|
|
.severity-MEDIUM { background-color: #e9c60060; }
|
|
.severity-HIGH { background-color: #ff880060; }
|
|
.severity-CRITICAL { background-color: #e4000060; }
|
|
.severity-UNKNOWN { background-color: #74747460; }
|
|
table tr td:first-of-type {
|
|
font-weight: bold;
|
|
}
|
|
.links a,
|
|
.links[data-more-links=on] a {
|
|
display: block;
|
|
}
|
|
.links[data-more-links=off] a:nth-of-type(1n+5) {
|
|
display: none;
|
|
}
|
|
a.toggle-more-links { cursor: pointer; }
|
|
</style>
|
|
<title>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-03-27 13:29:23.152833352 +0000 UTC m=+0.822861180 </title>
|
|
<script>
|
|
window.onload = function() {
|
|
document.querySelectorAll('td.links').forEach(function(linkCell) {
|
|
var links = [].concat.apply([], linkCell.querySelectorAll('a'));
|
|
[].sort.apply(links, function(a, b) {
|
|
return a.href > b.href ? 1 : -1;
|
|
});
|
|
links.forEach(function(link, idx) {
|
|
if (links.length > 3 && 3 === idx) {
|
|
var toggleLink = document.createElement('a');
|
|
toggleLink.innerText = "Toggle more links";
|
|
toggleLink.href = "#toggleMore";
|
|
toggleLink.setAttribute("class", "toggle-more-links");
|
|
linkCell.appendChild(toggleLink);
|
|
}
|
|
linkCell.appendChild(link);
|
|
});
|
|
});
|
|
document.querySelectorAll('a.toggle-more-links').forEach(function(toggleLink) {
|
|
toggleLink.onclick = function() {
|
|
var expanded = toggleLink.parentElement.getAttribute("data-more-links");
|
|
toggleLink.parentElement.setAttribute("data-more-links", "on" === expanded ? "off" : "on");
|
|
return false;
|
|
};
|
|
});
|
|
};
|
|
</script>
|
|
</head>
|
|
<body>
|
|
<h1>docker.io/rockylinux/rockylinux:8 (rocky 8.7) - Trivy Report - 2023-03-27 13:29:23.152869652 +0000 UTC m=+0.822897480</h1>
|
|
<table>
|
|
<tr class="group-header"><th colspan="6">rocky</th></tr>
|
|
<tr class="sub-header">
|
|
<th>Package</th>
|
|
<th>Vulnerability ID</th>
|
|
<th>Severity</th>
|
|
<th>Installed Version</th>
|
|
<th>Fixed Version</th>
|
|
<th>Links</th>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">curl</td>
|
|
<td>CVE-2023-23916</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">7.61.1-25.el8_7.1</td>
|
|
<td>7.61.1-25.el8_7.3</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:1140">https://access.redhat.com/errata/RHSA-2023:1140</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2023-23916">https://access.redhat.com/security/cve/CVE-2023-23916</a>
|
|
<a href="https://bugzilla.redhat.com/2167815">https://bugzilla.redhat.com/2167815</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2167815">https://bugzilla.redhat.com/show_bug.cgi?id=2167815</a>
|
|
<a href="https://curl.se/docs/CVE-2023-23916.html">https://curl.se/docs/CVE-2023-23916.html</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916</a>
|
|
<a href="https://errata.almalinux.org/8/ALSA-2023-1140.html">https://errata.almalinux.org/8/ALSA-2023-1140.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:1140">https://errata.rockylinux.org/RLSA-2023:1140</a>
|
|
<a href="https://hackerone.com/reports/1826048">https://hackerone.com/reports/1826048</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2023-23916.html">https://linux.oracle.com/cve/CVE-2023-23916.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-1140.html">https://linux.oracle.com/errata/ELSA-2023-1140.html</a>
|
|
<a href="https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html">https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2023-23916">https://nvd.nist.gov/vuln/detail/CVE-2023-23916</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20230309-0006/">https://security.netapp.com/advisory/ntap-20230309-0006/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5891-1">https://ubuntu.com/security/notices/USN-5891-1</a>
|
|
<a href="https://www.debian.org/security/2023/dsa-5365">https://www.debian.org/security/2023/dsa-5365</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">libcurl-minimal</td>
|
|
<td>CVE-2023-23916</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">7.61.1-25.el8_7.1</td>
|
|
<td>7.61.1-25.el8_7.3</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:1140">https://access.redhat.com/errata/RHSA-2023:1140</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2023-23916">https://access.redhat.com/security/cve/CVE-2023-23916</a>
|
|
<a href="https://bugzilla.redhat.com/2167815">https://bugzilla.redhat.com/2167815</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2167815">https://bugzilla.redhat.com/show_bug.cgi?id=2167815</a>
|
|
<a href="https://curl.se/docs/CVE-2023-23916.html">https://curl.se/docs/CVE-2023-23916.html</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23916</a>
|
|
<a href="https://errata.almalinux.org/8/ALSA-2023-1140.html">https://errata.almalinux.org/8/ALSA-2023-1140.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:1140">https://errata.rockylinux.org/RLSA-2023:1140</a>
|
|
<a href="https://hackerone.com/reports/1826048">https://hackerone.com/reports/1826048</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2023-23916.html">https://linux.oracle.com/cve/CVE-2023-23916.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-1140.html">https://linux.oracle.com/errata/ELSA-2023-1140.html</a>
|
|
<a href="https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html">https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2023-23916">https://nvd.nist.gov/vuln/detail/CVE-2023-23916</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20230309-0006/">https://security.netapp.com/advisory/ntap-20230309-0006/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5891-1">https://ubuntu.com/security/notices/USN-5891-1</a>
|
|
<a href="https://www.debian.org/security/2023/dsa-5365">https://www.debian.org/security/2023/dsa-5365</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">platform-python</td>
|
|
<td>CVE-2020-10735</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="http://www.openwall.com/lists/oss-security/2022/09/21/1">http://www.openwall.com/lists/oss-security/2022/09/21/1</a>
|
|
<a href="http://www.openwall.com/lists/oss-security/2022/09/21/4">http://www.openwall.com/lists/oss-security/2022/09/21/4</a>
|
|
<a href="https://access.redhat.com/errata/RHSA-2022:7323">https://access.redhat.com/errata/RHSA-2022:7323</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2020-10735">https://access.redhat.com/security/cve/CVE-2020-10735</a>
|
|
<a href="https://bugzilla.redhat.com/1834423">https://bugzilla.redhat.com/1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1834423">https://bugzilla.redhat.com/show_bug.cgi?id=1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2144072">https://bugzilla.redhat.com/show_bug.cgi?id=2144072</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061</a>
|
|
<a href="https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y">https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2022-7323.html">https://errata.almalinux.org/9/ALSA-2022-7323.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0833">https://errata.rockylinux.org/RLSA-2023:0833</a>
|
|
<a href="https://github.com/python/cpython/issues/95778">https://github.com/python/cpython/issues/95778</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2020-10735.html">https://linux.oracle.com/cve/CVE-2020-10735.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0833.html">https://linux.oracle.com/errata/ELSA-2023-0833.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2020-10735">https://nvd.nist.gov/vuln/detail/CVE-2020-10735</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">platform-python</td>
|
|
<td>CVE-2021-28861</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2022:8353">https://access.redhat.com/errata/RHSA-2022:8353</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2021-28861">https://access.redhat.com/security/cve/CVE-2021-28861</a>
|
|
<a href="https://bugs.python.org/issue43223">https://bugs.python.org/issue43223</a>
|
|
<a href="https://bugzilla.redhat.com/2075390">https://bugzilla.redhat.com/2075390</a>
|
|
<a href="https://bugzilla.redhat.com/2120642">https://bugzilla.redhat.com/2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2054702">https://bugzilla.redhat.com/show_bug.cgi?id=2054702</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2059951">https://bugzilla.redhat.com/show_bug.cgi?id=2059951</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2075390">https://bugzilla.redhat.com/show_bug.cgi?id=2075390</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2128249">https://bugzilla.redhat.com/show_bug.cgi?id=2128249</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2022-8353.html">https://errata.almalinux.org/9/ALSA-2022-8353.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2022:8353">https://errata.rockylinux.org/RLSA-2022:8353</a>
|
|
<a href="https://github.com/python/cpython/pull/24848">https://github.com/python/cpython/pull/24848</a>
|
|
<a href="https://github.com/python/cpython/pull/93879">https://github.com/python/cpython/pull/93879</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2021-28861.html">https://linux.oracle.com/cve/CVE-2021-28861.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0833.html">https://linux.oracle.com/errata/ELSA-2023-0833.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2021-28861">https://nvd.nist.gov/vuln/detail/CVE-2021-28861</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5629-1">https://ubuntu.com/security/notices/USN-5629-1</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5888-1">https://ubuntu.com/security/notices/USN-5888-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">platform-python</td>
|
|
<td>CVE-2022-45061</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0953">https://access.redhat.com/errata/RHSA-2023:0953</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-45061">https://access.redhat.com/security/cve/CVE-2022-45061</a>
|
|
<a href="https://bugzilla.redhat.com/2144072">https://bugzilla.redhat.com/2144072</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1834423">https://bugzilla.redhat.com/show_bug.cgi?id=1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2144072">https://bugzilla.redhat.com/show_bug.cgi?id=2144072</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0953.html">https://errata.almalinux.org/9/ALSA-2023-0953.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0833">https://errata.rockylinux.org/RLSA-2023:0833</a>
|
|
<a href="https://github.com/python/cpython/issues/98433">https://github.com/python/cpython/issues/98433</a>
|
|
<a href="https://github.com/python/cpython/pull/99092">https://github.com/python/cpython/pull/99092</a>
|
|
<a href="https://github.com/python/cpython/pull/99230 (3.9-branch)">https://github.com/python/cpython/pull/99230 (3.9-branch)</a>
|
|
<a href="https://github.com/python/cpython/pull/99231 (3.8-branch)">https://github.com/python/cpython/pull/99231 (3.8-branch)</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-45061.html">https://linux.oracle.com/cve/CVE-2022-45061.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0953.html">https://linux.oracle.com/errata/ELSA-2023-0953.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-45061">https://nvd.nist.gov/vuln/detail/CVE-2022-45061</a>
|
|
<a href="https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html">https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20221209-0007/">https://security.netapp.com/advisory/ntap-20221209-0007/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5767-1">https://ubuntu.com/security/notices/USN-5767-1</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5767-2">https://ubuntu.com/security/notices/USN-5767-2</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5888-1">https://ubuntu.com/security/notices/USN-5888-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">platform-python-setuptools</td>
|
|
<td>CVE-2022-40897</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">39.2.0-6.el8</td>
|
|
<td>39.2.0-6.el8_7.1</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0952">https://access.redhat.com/errata/RHSA-2023:0952</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-40897">https://access.redhat.com/security/cve/CVE-2022-40897</a>
|
|
<a href="https://bugzilla.redhat.com/2158559">https://bugzilla.redhat.com/2158559</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2158559">https://bugzilla.redhat.com/show_bug.cgi?id=2158559</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0952.html">https://errata.almalinux.org/9/ALSA-2023-0952.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0835">https://errata.rockylinux.org/RLSA-2023:0835</a>
|
|
<a href="https://github.com/advisories/GHSA-r9hx-vwmv-q579">https://github.com/advisories/GHSA-r9hx-vwmv-q579</a>
|
|
<a href="https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200">https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200</a>
|
|
<a href="https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be">https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be</a>
|
|
<a href="https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1">https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1</a>
|
|
<a href="https://github.com/pypa/setuptools/issues/3659">https://github.com/pypa/setuptools/issues/3659</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-40897.html">https://linux.oracle.com/cve/CVE-2022-40897.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0952.html">https://linux.oracle.com/errata/ELSA-2023-0952.html</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40897">https://nvd.nist.gov/vuln/detail/CVE-2022-40897</a>
|
|
<a href="https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/">https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/</a>
|
|
<a href="https://pyup.io/vulnerabilities/CVE-2022-40897/52495/">https://pyup.io/vulnerabilities/CVE-2022-40897/52495/</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20230214-0001/">https://security.netapp.com/advisory/ntap-20230214-0001/</a>
|
|
<a href="https://setuptools.pypa.io/en/latest/">https://setuptools.pypa.io/en/latest/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5817-1">https://ubuntu.com/security/notices/USN-5817-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">python3-libs</td>
|
|
<td>CVE-2020-10735</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="http://www.openwall.com/lists/oss-security/2022/09/21/1">http://www.openwall.com/lists/oss-security/2022/09/21/1</a>
|
|
<a href="http://www.openwall.com/lists/oss-security/2022/09/21/4">http://www.openwall.com/lists/oss-security/2022/09/21/4</a>
|
|
<a href="https://access.redhat.com/errata/RHSA-2022:7323">https://access.redhat.com/errata/RHSA-2022:7323</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2020-10735">https://access.redhat.com/security/cve/CVE-2020-10735</a>
|
|
<a href="https://bugzilla.redhat.com/1834423">https://bugzilla.redhat.com/1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1834423">https://bugzilla.redhat.com/show_bug.cgi?id=1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2144072">https://bugzilla.redhat.com/show_bug.cgi?id=2144072</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061</a>
|
|
<a href="https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y">https://docs.google.com/document/d/1KjuF_aXlzPUxTK4BMgezGJ2Pn7uevfX7g0_mvgHlL7Y</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2022-7323.html">https://errata.almalinux.org/9/ALSA-2022-7323.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0833">https://errata.rockylinux.org/RLSA-2023:0833</a>
|
|
<a href="https://github.com/python/cpython/issues/95778">https://github.com/python/cpython/issues/95778</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2020-10735.html">https://linux.oracle.com/cve/CVE-2020-10735.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0833.html">https://linux.oracle.com/errata/ELSA-2023-0833.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2VCU6EVQDIXNCEDJUCTFIER2WVNNDTYZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/32AAQKABEKFCB5DDV5OONRZK6BS23HPW/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EWKR2SPX3JORLWCXFY3KN2U5B5CIUQQ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XL6E5A3I36TRR73VNBOXNIQP4AMZDFZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76YE7AM37MRU76XJV4M27CWDAMUGNRYK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSRPVJZL6DJFWKYRHMNJB7VCEUCBKRF5/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NHC6IUU7CLRQ3QLPWUXLONSG3SXFTR47/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5U223OE5ZOUHZAZYSYSWVJQIKDE73E/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OT5WQB7Z3CXOWVBD2AFAHYPA5ONYFFZ4/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PD7FTLJOIGMUSCDR3JAN6WRFHJEE4PH5/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZYJSGLSCQOKXXFVJVJQAXLEOJBIWGEL/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TD7JDDKJXK6D26XAN3YRFNM2LAJHT5UO/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMWPRAAJS7I6U3U45V7GZVXWNSECI22M/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4ZZV4CDFRMTPDBI7C5L43RFL3XLIGUY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBPDVCDIUCEBE7C4NAGNA2KQJYOTPBAZ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V7ZUJDHK7KNG6SLIFXW7MNZ6O2PUJYK6/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/">https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZEOAJWGGY55QU35UM2OVZATBW5MX2OZD/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2020-10735">https://nvd.nist.gov/vuln/detail/CVE-2020-10735</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">python3-libs</td>
|
|
<td>CVE-2021-28861</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2022:8353">https://access.redhat.com/errata/RHSA-2022:8353</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2021-28861">https://access.redhat.com/security/cve/CVE-2021-28861</a>
|
|
<a href="https://bugs.python.org/issue43223">https://bugs.python.org/issue43223</a>
|
|
<a href="https://bugzilla.redhat.com/2075390">https://bugzilla.redhat.com/2075390</a>
|
|
<a href="https://bugzilla.redhat.com/2120642">https://bugzilla.redhat.com/2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2054702">https://bugzilla.redhat.com/show_bug.cgi?id=2054702</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2059951">https://bugzilla.redhat.com/show_bug.cgi?id=2059951</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2075390">https://bugzilla.redhat.com/show_bug.cgi?id=2075390</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2128249">https://bugzilla.redhat.com/show_bug.cgi?id=2128249</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-20107</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2022-8353.html">https://errata.almalinux.org/9/ALSA-2022-8353.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2022:8353">https://errata.rockylinux.org/RLSA-2022:8353</a>
|
|
<a href="https://github.com/python/cpython/pull/24848">https://github.com/python/cpython/pull/24848</a>
|
|
<a href="https://github.com/python/cpython/pull/93879">https://github.com/python/cpython/pull/93879</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2021-28861.html">https://linux.oracle.com/cve/CVE-2021-28861.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0833.html">https://linux.oracle.com/errata/ELSA-2023-0833.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2TRINJE3INWDVIHIABW4L2NP3RUSK7BJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5LTSPFIULY2GZJN3QYNFVM4JSU6H4D6J/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OABQ5CMPQETJLFHROAXDIDXCMDTNVYG/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DISZAFSIQ7IAPAEQTC7G2Z5QUA2V2PSW/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HPX4XHT2FGVQYLY2STT2MRVENILNZTTU/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I3MQT5ZE3QH5PVDJMERTBOCILHK35CBE/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFGV7P2PYFBMK32OKHCAC2ZPJQV5AUDF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KRGKPYA5YHIXQAMRIXO5DSCX7D4UUW4Q/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OKYE2DOI2X7WZXAWTQJZAXYIWM37HDCY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLE5INSVJUZJGY5OJXV6JREXWD7UDHYN/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S7G66SRWUM36ENQ3X6LAIG7HAB27D4XJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TZEPOPUFC42KXXSLFPZ47ZZRGPOR7SQE/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WXF6MQ74HVIDDSR5AE2UDR24I6D4FEPC/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X46T4EFTIBXZRYTGASBDEZGYJINH2OWV/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2021-28861">https://nvd.nist.gov/vuln/detail/CVE-2021-28861</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5629-1">https://ubuntu.com/security/notices/USN-5629-1</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5888-1">https://ubuntu.com/security/notices/USN-5888-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">python3-libs</td>
|
|
<td>CVE-2022-45061</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">3.6.8-48.el8_7.rocky.0</td>
|
|
<td>3.6.8-48.el8_7.1.rocky.0</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0953">https://access.redhat.com/errata/RHSA-2023:0953</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-45061">https://access.redhat.com/security/cve/CVE-2022-45061</a>
|
|
<a href="https://bugzilla.redhat.com/2144072">https://bugzilla.redhat.com/2144072</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=1834423">https://bugzilla.redhat.com/show_bug.cgi?id=1834423</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2120642">https://bugzilla.redhat.com/show_bug.cgi?id=2120642</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2144072">https://bugzilla.redhat.com/show_bug.cgi?id=2144072</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10735</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28861</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45061</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0953.html">https://errata.almalinux.org/9/ALSA-2023-0953.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0833">https://errata.rockylinux.org/RLSA-2023:0833</a>
|
|
<a href="https://github.com/python/cpython/issues/98433">https://github.com/python/cpython/issues/98433</a>
|
|
<a href="https://github.com/python/cpython/pull/99092">https://github.com/python/cpython/pull/99092</a>
|
|
<a href="https://github.com/python/cpython/pull/99230 (3.9-branch)">https://github.com/python/cpython/pull/99230 (3.9-branch)</a>
|
|
<a href="https://github.com/python/cpython/pull/99231 (3.8-branch)">https://github.com/python/cpython/pull/99231 (3.8-branch)</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-45061.html">https://linux.oracle.com/cve/CVE-2022-45061.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0953.html">https://linux.oracle.com/errata/ELSA-2023-0953.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AOUKI72ACV6CHY2QUFO6VK2DNMVJ2MB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35YDIWCUMWTMDBWFRAVENFH6BLB65D6S/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4WBZJNSALFGMPYTINIF57HAAK46U72WQ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63FS6VHY4DCS74HBTEINUDOECQ2X6ZCH/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7WQPHKGNXUJC3TC3BDW5RKGROWRJVSFR/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3YI6JYARWU6GULWOHNUROSACT54XFFS/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTPVDZDATRQFE6KAT6B4BQIQ4GRHIIIJ/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN26PWZTYG6IF3APLRXQJBVACQHZUPT2/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCDJXNBHWXNYUTOEV4H2HCFSRKV3SYL3/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JTYVESWVBPD57ZJC35G5722Q6TS37WSB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNE4GMD45RGC2HWUAAIGTDHT5VJ2E4O4/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKWAMPURWUV3DCCT4J7VHRF4NT2CFVBR/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O67LRHDTJWH544KXB6KY4HMHQLYDXFPK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORVCQGJCCAVLN4DJDTWGREFCUWXKQRML/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLQ2BNZVBBAQPV3SPRU24ZD37UYJJS7W/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QLUGZSEAO3MBWGKCUSMKQIRYJZKJCIOB/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDK3ZZBRYFO47ET3N4BNTKVXN47U6ICY/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RH57BNT4VQERGEJ5SXNXSVMDYP66YD4H/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTN2OOLKYTG34DODUEJGT5MLC2PFGPBA/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T3D5TX4TDJPXHXD2QICKTY3OCQC3JARP/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UHVW73QZJMHA4MK7JBT7CXX7XSNYQEGF/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMDX6IFKLOA3NXUQEV524L5LHTPI2JI/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X3EJ6J7PXVQOULBQZQGBXCXY6LFF6LZD/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XXZJL3CNAFS5PAIR7K4RL62S3Y7THR7O/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YPNWZKXPKTNHS5FVMN7UQZ2UPCSEFJUK/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB5YCMIRVX35RUB6XPOWKENCVCJEVDRK/</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-45061">https://nvd.nist.gov/vuln/detail/CVE-2022-45061</a>
|
|
<a href="https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html">https://python-security.readthedocs.io/vuln/slow-idna-large-strings.html</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20221209-0007/">https://security.netapp.com/advisory/ntap-20221209-0007/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5767-1">https://ubuntu.com/security/notices/USN-5767-1</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5767-2">https://ubuntu.com/security/notices/USN-5767-2</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5888-1">https://ubuntu.com/security/notices/USN-5888-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">python3-setuptools-wheel</td>
|
|
<td>CVE-2022-40897</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">39.2.0-6.el8</td>
|
|
<td>39.2.0-6.el8_7.1</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0952">https://access.redhat.com/errata/RHSA-2023:0952</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-40897">https://access.redhat.com/security/cve/CVE-2022-40897</a>
|
|
<a href="https://bugzilla.redhat.com/2158559">https://bugzilla.redhat.com/2158559</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2158559">https://bugzilla.redhat.com/show_bug.cgi?id=2158559</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0952.html">https://errata.almalinux.org/9/ALSA-2023-0952.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0835">https://errata.rockylinux.org/RLSA-2023:0835</a>
|
|
<a href="https://github.com/advisories/GHSA-r9hx-vwmv-q579">https://github.com/advisories/GHSA-r9hx-vwmv-q579</a>
|
|
<a href="https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200">https://github.com/pypa/setuptools/blob/fe8a98e696241487ba6ac9f91faa38ade939ec5d/setuptools/package_index.py#L200</a>
|
|
<a href="https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be">https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be</a>
|
|
<a href="https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1">https://github.com/pypa/setuptools/compare/v65.5.0...v65.5.1</a>
|
|
<a href="https://github.com/pypa/setuptools/issues/3659">https://github.com/pypa/setuptools/issues/3659</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-40897.html">https://linux.oracle.com/cve/CVE-2022-40897.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0952.html">https://linux.oracle.com/errata/ELSA-2023-0952.html</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-40897">https://nvd.nist.gov/vuln/detail/CVE-2022-40897</a>
|
|
<a href="https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/">https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/</a>
|
|
<a href="https://pyup.io/vulnerabilities/CVE-2022-40897/52495/">https://pyup.io/vulnerabilities/CVE-2022-40897/52495/</a>
|
|
<a href="https://security.netapp.com/advisory/ntap-20230214-0001/">https://security.netapp.com/advisory/ntap-20230214-0001/</a>
|
|
<a href="https://setuptools.pypa.io/en/latest/">https://setuptools.pypa.io/en/latest/</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5817-1">https://ubuntu.com/security/notices/USN-5817-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">systemd</td>
|
|
<td>CVE-2022-4415</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">239-68.el8_7.2</td>
|
|
<td>239-68.el8_7.4</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0954">https://access.redhat.com/errata/RHSA-2023:0954</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-4415">https://access.redhat.com/security/cve/CVE-2022-4415</a>
|
|
<a href="https://bugzilla.redhat.com/2149063">https://bugzilla.redhat.com/2149063</a>
|
|
<a href="https://bugzilla.redhat.com/2155515">https://bugzilla.redhat.com/2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2155515">https://bugzilla.redhat.com/show_bug.cgi?id=2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2164049">https://bugzilla.redhat.com/show_bug.cgi?id=2164049</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0954.html">https://errata.almalinux.org/9/ALSA-2023-0954.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0837">https://errata.rockylinux.org/RLSA-2023:0837</a>
|
|
<a href="https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c">https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-4415.html">https://linux.oracle.com/cve/CVE-2022-4415.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0954.html">https://linux.oracle.com/errata/ELSA-2023-0954.html</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-4415">https://nvd.nist.gov/vuln/detail/CVE-2022-4415</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5928-1">https://ubuntu.com/security/notices/USN-5928-1</a>
|
|
<a href="https://www.openwall.com/lists/oss-security/2022/12/21/3">https://www.openwall.com/lists/oss-security/2022/12/21/3</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">systemd-libs</td>
|
|
<td>CVE-2022-4415</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">239-68.el8_7.2</td>
|
|
<td>239-68.el8_7.4</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0954">https://access.redhat.com/errata/RHSA-2023:0954</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-4415">https://access.redhat.com/security/cve/CVE-2022-4415</a>
|
|
<a href="https://bugzilla.redhat.com/2149063">https://bugzilla.redhat.com/2149063</a>
|
|
<a href="https://bugzilla.redhat.com/2155515">https://bugzilla.redhat.com/2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2155515">https://bugzilla.redhat.com/show_bug.cgi?id=2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2164049">https://bugzilla.redhat.com/show_bug.cgi?id=2164049</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0954.html">https://errata.almalinux.org/9/ALSA-2023-0954.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0837">https://errata.rockylinux.org/RLSA-2023:0837</a>
|
|
<a href="https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c">https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-4415.html">https://linux.oracle.com/cve/CVE-2022-4415.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0954.html">https://linux.oracle.com/errata/ELSA-2023-0954.html</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-4415">https://nvd.nist.gov/vuln/detail/CVE-2022-4415</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5928-1">https://ubuntu.com/security/notices/USN-5928-1</a>
|
|
<a href="https://www.openwall.com/lists/oss-security/2022/12/21/3">https://www.openwall.com/lists/oss-security/2022/12/21/3</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">systemd-pam</td>
|
|
<td>CVE-2022-4415</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">239-68.el8_7.2</td>
|
|
<td>239-68.el8_7.4</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0954">https://access.redhat.com/errata/RHSA-2023:0954</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-4415">https://access.redhat.com/security/cve/CVE-2022-4415</a>
|
|
<a href="https://bugzilla.redhat.com/2149063">https://bugzilla.redhat.com/2149063</a>
|
|
<a href="https://bugzilla.redhat.com/2155515">https://bugzilla.redhat.com/2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2155515">https://bugzilla.redhat.com/show_bug.cgi?id=2155515</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2164049">https://bugzilla.redhat.com/show_bug.cgi?id=2164049</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0954.html">https://errata.almalinux.org/9/ALSA-2023-0954.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0837">https://errata.rockylinux.org/RLSA-2023:0837</a>
|
|
<a href="https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c">https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-4415.html">https://linux.oracle.com/cve/CVE-2022-4415.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0954.html">https://linux.oracle.com/errata/ELSA-2023-0954.html</a>
|
|
<a href="https://nvd.nist.gov/vuln/detail/CVE-2022-4415">https://nvd.nist.gov/vuln/detail/CVE-2022-4415</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5928-1">https://ubuntu.com/security/notices/USN-5928-1</a>
|
|
<a href="https://www.openwall.com/lists/oss-security/2022/12/21/3">https://www.openwall.com/lists/oss-security/2022/12/21/3</a>
|
|
</td>
|
|
</tr>
|
|
<tr class="severity-MEDIUM">
|
|
<td class="pkg-name">tar</td>
|
|
<td>CVE-2022-48303</td>
|
|
<td class="severity">MEDIUM</td>
|
|
<td class="pkg-version">2:1.30-6.el8</td>
|
|
<td>2:1.30-6.el8_7.1</td>
|
|
<td class="links" data-more-links="off">
|
|
<a href="https://access.redhat.com/errata/RHSA-2023:0959">https://access.redhat.com/errata/RHSA-2023:0959</a>
|
|
<a href="https://access.redhat.com/security/cve/CVE-2022-48303">https://access.redhat.com/security/cve/CVE-2022-48303</a>
|
|
<a href="https://bugzilla.redhat.com/2149722">https://bugzilla.redhat.com/2149722</a>
|
|
<a href="https://bugzilla.redhat.com/show_bug.cgi?id=2149722">https://bugzilla.redhat.com/show_bug.cgi?id=2149722</a>
|
|
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48303</a>
|
|
<a href="https://errata.almalinux.org/9/ALSA-2023-0959.html">https://errata.almalinux.org/9/ALSA-2023-0959.html</a>
|
|
<a href="https://errata.rockylinux.org/RLSA-2023:0842">https://errata.rockylinux.org/RLSA-2023:0842</a>
|
|
<a href="https://linux.oracle.com/cve/CVE-2022-48303.html">https://linux.oracle.com/cve/CVE-2022-48303.html</a>
|
|
<a href="https://linux.oracle.com/errata/ELSA-2023-0959.html">https://linux.oracle.com/errata/ELSA-2023-0959.html</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/</a>
|
|
<a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/</a>
|
|
<a href="https://savannah.gnu.org/bugs/?62387">https://savannah.gnu.org/bugs/?62387</a>
|
|
<a href="https://savannah.gnu.org/patch/?10307">https://savannah.gnu.org/patch/?10307</a>
|
|
<a href="https://ubuntu.com/security/notices/USN-5900-1">https://ubuntu.com/security/notices/USN-5900-1</a>
|
|
</td>
|
|
</tr>
|
|
<tr><th colspan="6">No Misconfigurations found</th></tr>
|
|
</table>
|
|
</body>
|
|
</html>
|