Summary: | <dev-python/Babel-2.9.1: Arbitrary locale loading weakness (CVE-2021-20095) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ago, mgorny, python |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa+] | ||
Package list: |
dev-python/Babel-2.9.1
|
Runtime testing required: | --- |
Description
Sam James
2021-04-29 19:06:11 UTC
ALLARCHES stable. Closing. Please cleanup (In reply to Agostino Sarubbo from comment #1) > ALLARCHES stable. Closing. It’s a security bug! ;) Already done. GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f6e2e11e7ff841fcf8e693775058b96ef4b3e7b1 commit f6e2e11e7ff841fcf8e693775058b96ef4b3e7b1 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-04 13:53:26 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-04 13:59:54 +0000 [ GLSA 202208-03 ] Babel: Remote code execution Bug: https://bugs.gentoo.org/786954 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-03.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) GLSA released, all done! |