Anolis OS update for python39:3.9 module



Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2007-4559
CVE-2001-1267
CVE-2023-32681
CVE-2023-40217
CWE-ID CWE-22
CWE-200
CWE-319
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Public exploit code for vulnerability #3 is available.
Vulnerable software
 Anolis OS
Operating systems & Components / Operating system

python39-setuptools-wheel
Operating systems & Components / Operating system package or component

python39-setuptools
Operating systems & Components / Operating system package or component

python39-rpm-macros
Operating systems & Components / Operating system package or component

python39-requests
Operating systems & Components / Operating system package or component

python39-pip-wheel
Operating systems & Components / Operating system package or component

python39-pip
Operating systems & Components / Operating system package or component

python39-tkinter
Operating systems & Components / Operating system package or component

python39-test
Operating systems & Components / Operating system package or component

python39-scipy
Operating systems & Components / Operating system package or component

python39-mod_wsgi
Operating systems & Components / Operating system package or component

python39-libs
Operating systems & Components / Operating system package or component

python39-idle
Operating systems & Components / Operating system package or component

python39-devel
Operating systems & Components / Operating system package or component

python39
Operating systems & Components / Operating system package or component

python39-numpy-doc
Operating systems & Components / Operating system package or component

python39-numpy-f2py
Operating systems & Components / Operating system package or component

python39-numpy
Operating systems & Components / Operating system package or component

python39-wheel-wheel
Operating systems & Components / Operating system package or component

python39-wheel
Operating systems & Components / Operating system package or component

python39-urllib3
Operating systems & Components / Operating system package or component

python39-toml
Operating systems & Components / Operating system package or component

python39-six
Operating systems & Components / Operating system package or component

python39-pysocks
Operating systems & Components / Operating system package or component

python39-pycparser
Operating systems & Components / Operating system package or component

python39-ply
Operating systems & Components / Operating system package or component

python39-idna
Operating systems & Components / Operating system package or component

python39-chardet
Operating systems & Components / Operating system package or component

python39-PyMySQL
Operating systems & Components / Operating system package or component

python39-pyyaml
Operating systems & Components / Operating system package or component

python39-psycopg2-tests
Operating systems & Components / Operating system package or component

python39-psycopg2-doc
Operating systems & Components / Operating system package or component

python39-psycopg2
Operating systems & Components / Operating system package or component

python39-psutil
Operating systems & Components / Operating system package or component

python39-lxml
Operating systems & Components / Operating system package or component

python39-cryptography
Operating systems & Components / Operating system package or component

python39-cffi
Operating systems & Components / Operating system package or component

Vendor OpenAnolis

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Path traversal

EUVDB-ID: #VU67583

Risk: High

CVSSv4.0: 8.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2007-4559

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to improper validation of filenames in the tarfile module in Python. A remote attacker can create a specially crafted archive with symbolic links inside or filenames that contain directory traversal characters (e.g. "..") and overwrite arbitrary files on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

python39-setuptools-wheel: before 50.3.2-5

python39-setuptools: before 50.3.2-5

python39-rpm-macros: before 3.9.18-2.0.1

python39-requests: before 2.25.0-3

python39-pip-wheel: before 20.2.4-8

python39-pip: before 20.2.4-8

python39-tkinter: before 3.9.18-2.0.1

python39-test: before 3.9.18-2.0.1

python39-scipy: before 1.5.4-5.0.1

python39-mod_wsgi: before 4.7.1-7

python39-libs: before 3.9.18-2.0.1

python39-idle: before 3.9.18-2.0.1

python39-devel: before 3.9.18-2.0.1

python39: before 3.9.18-2.0.1

python39-numpy-doc: before 1.19.4-3.0.1

python39-numpy-f2py: before 1.19.4-3.0.1

python39-numpy: before 1.19.4-3.0.1

python39-wheel-wheel: before 0.35.1-4

python39-wheel: before 0.35.1-4

python39-urllib3: before 1.25.10-4

python39-toml: before 0.10.1-5

python39-six: before 1.15.0-3

python39-pysocks: before 1.7.1-4

python39-pycparser: before 2.20-3

python39-ply: before 3.11-10

python39-idna: before 2.10-3

python39-chardet: before 3.0.4-19

python39-PyMySQL: before 0.10.1-2

python39-pyyaml: before 5.4.1-1

python39-psycopg2-tests: before 2.8.6-2.0.1

python39-psycopg2-doc: before 2.8.6-2.0.1

python39-psycopg2: before 2.8.6-2.0.1

python39-psutil: before 5.8.0-4.0.1

python39-lxml: before 4.6.5-1

python39-cryptography: before 3.3.1-2

python39-cffi: before 1.14.3-2

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2024:0144


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

2) Path traversal

EUVDB-ID: #VU93014

Risk: High

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2001-1267

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can trick the victim to open a specially crafted archive and overwrite arbitrary files on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

python39-setuptools-wheel: before 50.3.2-5

python39-setuptools: before 50.3.2-5

python39-rpm-macros: before 3.9.18-2.0.1

python39-requests: before 2.25.0-3

python39-pip-wheel: before 20.2.4-8

python39-pip: before 20.2.4-8

python39-tkinter: before 3.9.18-2.0.1

python39-test: before 3.9.18-2.0.1

python39-scipy: before 1.5.4-5.0.1

python39-mod_wsgi: before 4.7.1-7

python39-libs: before 3.9.18-2.0.1

python39-idle: before 3.9.18-2.0.1

python39-devel: before 3.9.18-2.0.1

python39: before 3.9.18-2.0.1

python39-numpy-doc: before 1.19.4-3.0.1

python39-numpy-f2py: before 1.19.4-3.0.1

python39-numpy: before 1.19.4-3.0.1

python39-wheel-wheel: before 0.35.1-4

python39-wheel: before 0.35.1-4

python39-urllib3: before 1.25.10-4

python39-toml: before 0.10.1-5

python39-six: before 1.15.0-3

python39-pysocks: before 1.7.1-4

python39-pycparser: before 2.20-3

python39-ply: before 3.11-10

python39-idna: before 2.10-3

python39-chardet: before 3.0.4-19

python39-PyMySQL: before 0.10.1-2

python39-pyyaml: before 5.4.1-1

python39-psycopg2-tests: before 2.8.6-2.0.1

python39-psycopg2-doc: before 2.8.6-2.0.1

python39-psycopg2: before 2.8.6-2.0.1

python39-psutil: before 5.8.0-4.0.1

python39-lxml: before 4.6.5-1

python39-cryptography: before 3.3.1-2

python39-cffi: before 1.14.3-2

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2024:0144


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU77164

Risk: Medium

CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2023-32681

CWE-ID: CWE-200 - Information exposure

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

python39-setuptools-wheel: before 50.3.2-5

python39-setuptools: before 50.3.2-5

python39-rpm-macros: before 3.9.18-2.0.1

python39-requests: before 2.25.0-3

python39-pip-wheel: before 20.2.4-8

python39-pip: before 20.2.4-8

python39-tkinter: before 3.9.18-2.0.1

python39-test: before 3.9.18-2.0.1

python39-scipy: before 1.5.4-5.0.1

python39-mod_wsgi: before 4.7.1-7

python39-libs: before 3.9.18-2.0.1

python39-idle: before 3.9.18-2.0.1

python39-devel: before 3.9.18-2.0.1

python39: before 3.9.18-2.0.1

python39-numpy-doc: before 1.19.4-3.0.1

python39-numpy-f2py: before 1.19.4-3.0.1

python39-numpy: before 1.19.4-3.0.1

python39-wheel-wheel: before 0.35.1-4

python39-wheel: before 0.35.1-4

python39-urllib3: before 1.25.10-4

python39-toml: before 0.10.1-5

python39-six: before 1.15.0-3

python39-pysocks: before 1.7.1-4

python39-pycparser: before 2.20-3

python39-ply: before 3.11-10

python39-idna: before 2.10-3

python39-chardet: before 3.0.4-19

python39-PyMySQL: before 0.10.1-2

python39-pyyaml: before 5.4.1-1

python39-psycopg2-tests: before 2.8.6-2.0.1

python39-psycopg2-doc: before 2.8.6-2.0.1

python39-psycopg2: before 2.8.6-2.0.1

python39-psutil: before 5.8.0-4.0.1

python39-lxml: before 4.6.5-1

python39-cryptography: before 3.3.1-2

python39-cffi: before 1.14.3-2

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2024:0144


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) Cleartext transmission of sensitive information

EUVDB-ID: #VU80228

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-40217

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error in ssl.SSLSocket implementation when handling TLS client authentication. A remote attacker can trick the application to send data unencrypted.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

python39-setuptools-wheel: before 50.3.2-5

python39-setuptools: before 50.3.2-5

python39-rpm-macros: before 3.9.18-2.0.1

python39-requests: before 2.25.0-3

python39-pip-wheel: before 20.2.4-8

python39-pip: before 20.2.4-8

python39-tkinter: before 3.9.18-2.0.1

python39-test: before 3.9.18-2.0.1

python39-scipy: before 1.5.4-5.0.1

python39-mod_wsgi: before 4.7.1-7

python39-libs: before 3.9.18-2.0.1

python39-idle: before 3.9.18-2.0.1

python39-devel: before 3.9.18-2.0.1

python39: before 3.9.18-2.0.1

python39-numpy-doc: before 1.19.4-3.0.1

python39-numpy-f2py: before 1.19.4-3.0.1

python39-numpy: before 1.19.4-3.0.1

python39-wheel-wheel: before 0.35.1-4

python39-wheel: before 0.35.1-4

python39-urllib3: before 1.25.10-4

python39-toml: before 0.10.1-5

python39-six: before 1.15.0-3

python39-pysocks: before 1.7.1-4

python39-pycparser: before 2.20-3

python39-ply: before 3.11-10

python39-idna: before 2.10-3

python39-chardet: before 3.0.4-19

python39-PyMySQL: before 0.10.1-2

python39-pyyaml: before 5.4.1-1

python39-psycopg2-tests: before 2.8.6-2.0.1

python39-psycopg2-doc: before 2.8.6-2.0.1

python39-psycopg2: before 2.8.6-2.0.1

python39-psutil: before 5.8.0-4.0.1

python39-lxml: before 4.6.5-1

python39-cryptography: before 3.3.1-2

python39-cffi: before 1.14.3-2

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2024:0144


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###