moderate: dnsmasq/python-cryptography security update
moderate
An update for dnsmasq/python-cryptography is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
dnsmasq:
python-cryptography:
Security Fix(es):
dnsmasq: A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.(CVE-2023-28450)
dnsmasq: bugfix
python-cryptography: A vulnerability was found in python-cryptography. In affected versions, `Cipher.update_into` would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects (such as `bytes`) to be mutated, thus violating the fundamental rules of Python, resulting in corrupted output.(CVE-2023-23931)
python-cryptography: A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "load_pem_pkcs7_certificates" or "load_der_pkcs7_certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service (DoS) for any application aiming to deserialize a PKCS7 blob or certificate. The potential impact includes disruptions in system availability and stability.(CVE-2023-49083)
python-cryptography: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.01B6.
© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2
全国服务热线:400-033-0108