ALT-PU-2024-15822-3
Package python3-module-scipy updated to version 1.6.1-alt3.p10.1 for branch c10f2 in task 362896.
Closed vulnerabilities
BDU:2024-07432
Уязвимость функции Py_FindObjects() библиотеки для языка программирования Python с открытым исходным кодом scipy, позволяющая нарушителю оказывать влияние на конфиденциальность, целостность и доступность системы
BDU:2024-07433
Уязвимость функции Py_FindObjects() библиотеки для языка программирования Python с открытым исходным кодом scipy, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2023-25399
A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly.
- http://www.square16.org/achievement/cve-2023-25399/
- http://www.square16.org/achievement/cve-2023-25399/
- https://github.com/scipy/scipy/issues/16235
- https://github.com/scipy/scipy/issues/16235
- https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328
- https://github.com/scipy/scipy/issues/16235#issuecomment-1625361328
- https://github.com/scipy/scipy/pull/16397
- https://github.com/scipy/scipy/pull/16397
Modified: 2024-11-21
CVE-2023-29824
A use-after-free issue was discovered in Py_FindObjects() function in SciPy versions prior to 1.8.0. NOTE: the vendor and discoverer indicate that this is not a security issue.
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/issues/14713
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/pull/15013
- http://www.square16.org/achievement/cve-2023-29824/
- https://github.com/scipy/scipy/pull/15013
- https://github.com/scipy/scipy/issues/14713#issuecomment-1629468565
- https://github.com/scipy/scipy/issues/14713