http://bugs.python.org/issue21082

openSUSE-SU-2014:0596

openSUSE-SU-2014:0597

[oss-security] 20140328 CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python

[oss-security] 20140329 Re: [PSRT] CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python

[oss-security] 20140330 Re: CVE request: os.makedirs(exist_ok=True) is not thread-safe in Python

GLSA-201503-10

This update for python3 to version 3.6.10 fixes the following issues :

  - CVE-2017-18207: Fixed a denial of service in     Wave_read._read_fmt_chunk() (bsc#1083507).

  - CVE-2019-16056: Fixed an issue where email parsing could     fail for multiple @ (bsc#1149955).

  - CVE-2019-15903: Fixed a heap-based buffer over-read in     libexpat (bsc#1149429).

This update was imported from the SUSE:SLE-15:Update update project.

This update for python3 to version 3.6.10 fixes the following issues :

CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507).

CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955).

CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Updated python3 packages fix security vulnerabilities :

ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips (CVE-2013-7338).

A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).

It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit files created by a program using this call. Note that prior versions of Python, including 2.x, do not include the vulnerable _get_masked_mode() function that is used by os.makedirs() when exist_ok is set to True (CVE-2014-2667).

Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the _json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used an an array index, causing the scanstring function to access process memory outside of the string it is intended to access (CVE-2014-4616).

The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary scripts in the server's document root (CVE-2014-4650).

The remote host is affected by the vulnerability described in GLSA-201503-10 (Python: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Python. Please review       the CVE identifiers referenced below for details.
  Impact :

    A context-dependent attacker may be able to execute arbitrary code or       cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

Fixes CVEs 2013-7338 and 2014-2667.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This python update fixes the following security issue :

  - bnc#871152: Fixed race condition with umask when     creating directories with os.mkdirs (CVE-2014-2667).

This python update fixes the following security and non-security issues :

  - bnc#869222: Fixed DoS when opening malicious archives     (CVE-2013-7338).

  - bnc#863741: Fixed buffer overflow in     socket.recvfrom_into (CVE-2014-1912).

  - bnc#871152: Fixed race condition with umask when     creating directories with os.mkdirs (CVE-2014-2667).

  - bnc#637176: Fixed update multilib patch to handle home     install scheme.

ID	Name	Product	Family	Severity
133172	openSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)	Nessus	SuSE Local Security Checks	critical
133036	SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy)	Nessus	SuSE Local Security Checks	critical
82329	Mandriva Linux Security Advisory : python3 (MDVSA-2015:076)	Nessus	Mandriva Local Security Checks	high
82009	GLSA-201503-10 : Python: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
80368	Fedora 19 : python3-3.3.2-11.fc19 (2014-16479)	Nessus	Fedora Local Security Checks	high
79940	Fedora 20 : python3-3.3.2-19.fc20 (2014-16393)	Nessus	Fedora Local Security Checks	high
75344	openSUSE Security Update : python3 (openSUSE-SU-2014:0596-1)	Nessus	SuSE Local Security Checks	low
75343	openSUSE Security Update : python3 (openSUSE-SU-2014:0597-1)	Nessus	SuSE Local Security Checks	high

CVE-2014-2667

low

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

high

medium

high

high

low

high