Security Advisory Details

NS-SA-2026-0032

2026-03-04 21:56:28

Summary

important: curl/python3 security update

Severity

important

Subject

An update for curl/python3 is now available for NewStart CGSL MAIN 6.06.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Detailed Description

curl:
python3:


Security Fix(es):
curl: A flaw was found in curl that verifies a given cookie domain against the Public Suffix List. This issue could allow a malicious HTTP server to set "super cookies" in curl that are passed back to more origins than what is otherwise allowed or possible. (CVE-2023-46218)
curl: bugfix
python3: A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability. (CVE-2020-10735)
python3: A vulnerability was found in python. This security flaw causes an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of the URI path. This issue may lead to information disclosure. (CVE-2021-28861)
python3: A vulnerability was discovered in Python. A quadratic algorithm exists when processing inputs to the IDNA (RFC 3490) decoder, such that a crafted unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor, which could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied hostname. (CVE-2022-45061)
python3: A use-after-free vulnerability was found in Python via the heappushpop function in the heapq module. This flaw allows an attacker to submit a specially crafted request, causing a service disruption that leads to a denial of service attack. (CVE-2022-48560)
python3: A vulnerability was found in the Python core plistlib library within the read_ints() function in the plistlib.py file. With malformed input, the implementation can be manipulated to create an argument for struct.unpack(). This issue can lead to excessive CPU and memory consumption, resulting in a MemError, as it constructs the 'format' argument for unpack(). This flaw allows an attacker to employ a binary plist input, potentially executing a denial of service (DoS) attack by exhausting CPU and RAM resources. (CVE-2022-48564)
python3: The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. (CVE-2023-27043)
python3: Python ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity, as it is possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible. (CVE-2023-40217)
python3: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.06.04P3B6.

Affected Components

  • curl
  • python3

Affected Products

  • CGSL MAIN 6.06 (SP)

Update Packages

{"fix":[{"product":"CGSL MAIN 6.06 (SP)","pkgs":[{"binary":["curl-debuginfo-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","curl-minimal-debuginfo-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","curl-debugsource-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","curl-doc-7.61.1-30.0.2.zncgsl6.2.t2.5.noarch.rpm","curl-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","curl-minimal-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-minimal-debuginfo-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-devel-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-minimal-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-debuginfo-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm"],"source":"curl-7.61.1-30.0.2.zncgsl6.2.t2.5.src.rpm"},{"binary":["python3-devel-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-libs-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-debugsource-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-tkinter-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","platform-python-debug-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","platform-python-devel-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-test-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-debuginfo-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","platform-python-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","python3-idle-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm"],"source":"python3-3.6.8-47.0.1.zncgsl6_6.t1.1.src.rpm"}]}]}
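To act on the update-package record above, here is an added example (not NewStart's own tooling): it parses the advisory's fix JSON, splits each RPM file name into name, version, release and arch, and reports installed packages that are older than the fixed build using a simplified rpm version comparison. The installed-package list is a constructed sample, and the comparison routine assumes no epoch and no '~' or '^' separators in the version strings.

```python
import json
import re

# Trimmed copy of this advisory's update-package JSON (four of the listed binaries).
ADVISORY_JSON = """{"fix":[{"product":"CGSL MAIN 6.06 (SP)","pkgs":[
 {"binary":["curl-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm","libcurl-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64.rpm"],
  "source":"curl-7.61.1-30.0.2.zncgsl6.2.t2.5.src.rpm"},
 {"binary":["python3-libs-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm","platform-python-3.6.8-47.0.1.zncgsl6_6.t1.1.x86_64.rpm"],
  "source":"python3-3.6.8-47.0.1.zncgsl6_6.t1.1.src.rpm"}]}]}"""

# Constructed sample of `rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}\n'` output.
INSTALLED = [
    "curl-7.61.1-30.0.2.zncgsl6.2.t2.4.x86_64",      # one build behind the fix
    "libcurl-7.61.1-30.0.2.zncgsl6.2.t2.5.x86_64",   # already at the fixed build
    "python3-libs-3.6.8-45.zncgsl6_6.t1.1.x86_64",   # older release
    "vim-enhanced-8.0.1763-19.el8.x86_64",           # not covered by this advisory
]

def rpmvercmp(a, b):
    """rpm-style segment comparison: digit runs compare as ints, letter runs as strings,
    digits beat letters, longer wins on a common prefix. Epoch and '~'/'^' are not handled."""
    sa, sb = re.findall(r"\d+|[A-Za-z]+", a), re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def parse_rpm(s):
    """Split 'name-version-release.arch[.rpm]' into (name, version, release, arch)."""
    stem, arch = (s[:-4] if s.endswith(".rpm") else s).rsplit(".", 1)
    name, version, release = stem.rsplit("-", 2)
    return name, version, release, arch

def outdated_packages(advisory_json, installed):
    """Return {name: (installed_vr, fixed_vr)} for installed packages older than the fix."""
    fixed = {(n, a): (v, r) for prod in json.loads(advisory_json)["fix"]
             for pkg in prod["pkgs"] for n, v, r, a in map(parse_rpm, pkg["binary"])}
    result = {}
    for entry in installed:
        n, v, r, a = parse_rpm(entry)
        if (n, a) in fixed:
            fv, fr = fixed[(n, a)]
            # version decides first; release only breaks a tie on equal versions
            if (rpmvercmp(v, fv) or rpmvercmp(r, fr)) < 0:
                result[n] = (f"{v}-{r}", f"{fv}-{fr}")
    return result
```

On a real host, feed the output of the `rpm -qa` query shown in the comment to `outdated_packages` in place of the constructed list.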

CVE

References