ALT-BU-2024-4503-5
Branch p10 update bulletin.
Package python3-module-GitPython updated to version 3.1.42-alt0.p10.1 for branch p10 in task 341197.
Closed vulnerabilities
BDU:2024-00628
Vulnerability in GitPython, a Python library for interacting with git repositories, related to the use of an untrusted search path, allowing an attacker to execute arbitrary code with elevated privileges
Modified: 2024-11-21
CVE-2024-22190
GitPython is a python library used to interact with Git repositories. There is an incomplete fix for CVE-2023-40590. On Windows, GitPython uses an untrusted search path if it uses a shell to run `git`, as well as when it runs `bash.exe` to interpret hooks. If either of those features are used on Windows, a malicious `git.exe` or `bash.exe` may be run from an untrusted repository. This issue has been patched in version 3.1.41.
- https://github.com/gitpython-developers/GitPython/commit/ef3192cc414f2fd9978908454f6fd95243784c7f
- https://github.com/gitpython-developers/GitPython/pull/1792
- https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx
Closed bugs
>= 3.1.41
Package python3-module-pycryptodomex updated to version 3.20.0-alt1 for branch p10 in task 341197.
Closed vulnerabilities
BDU:2024-00329
Vulnerability in PyCryptodome and PyCryptodomeX, libraries for generating bitcoin addresses and private keys, related to information disclosure through a discrepancy, allowing an attacker to gain unauthorized access to protected information
Modified: 2024-11-21
CVE-2023-52323
PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger attack.
Closed bugs
>= 3.19.1
Package python3-module-jinja2 updated to version 3.0.1-alt1.p10.1 for branch p10 in task 341197.
Closed vulnerabilities
BDU:2019-01179
Vulnerability in the from_string function of the Jinja2 template engine for the Python programming language, allowing an attacker to affect the confidentiality and integrity of protected information
BDU:2024-00884
Vulnerability in the xmlattr filter of the Jinja2 template engine for the Python programming language, allowing an attacker to carry out a cross-site scripting (XSS) attack
Modified: 2024-11-21
CVE-2014-0012
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402.
- [oss-security] 20140110 CVE assignment for jinja2
- 56328
- 60738
- GLSA-201408-13
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
- https://github.com/mitsuhiko/jinja2/pull/292
- https://github.com/mitsuhiko/jinja2/pull/296
Modified: 2024-11-21
CVE-2014-1402
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with __jinja2_ in /tmp.
- http://advisories.mageia.org/MGASA-2014-0028.html
- http://jinja.pocoo.org/docs/changelog/
- [oss-security] 20140110 CVE Request: python-jinja2: arbitrary code execution vulnerability
- [oss-security] 20140110 Re: CVE Request: python-jinja2: arbitrary code execution vulnerability
- RHSA-2014:0747
- RHSA-2014:0748
- 56287
- 58783
- 58918
- 59017
- 60738
- 60770
- GLSA-201408-13
- MDVSA-2014:096
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734747
- https://bugzilla.redhat.com/show_bug.cgi?id=1051421
- [El-errata] 20140611 Oracle Linux Security Advisory ELSA-2014-0747
Modified: 2024-11-21
CVE-2019-8341
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing
- openSUSE-SU-2019:1395
- openSUSE-SU-2019:1614
- https://bugzilla.redhat.com/show_bug.cgi?id=1677653
- https://bugzilla.suse.com/show_bug.cgi?id=1125815
- https://github.com/JameelNabbo/Jinja2-Code-execution
- 46386
Modified: 2025-02-13
CVE-2024-22195
Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.
- https://github.com/pallets/jinja/releases/tag/3.1.3
- https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95
- https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DELCVUUYX75I5K4Q5WMJG4MUZJA6VAIP/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7YWRBX6JQCWC2XXCTZ55C7DPMGICCN3/
Closed bugs
Ignore reason-phrase over HTTP
Closed vulnerabilities
Modified: 2024-11-21
CVE-2024-22231
Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master.
Modified: 2024-11-21
CVE-2024-22232
A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master’s filesystem.