Summary: | <dev-python/joblib-1.2.0: Arbitrary Code Execution via the pre_dispatch flag in Parallel() class (CVE-2022-21797) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/joblib/joblib/issues/1128 | ||
Whiteboard: | B1 [glsa+] | ||
Package list: | Runtime testing required: | --- |
Description
filip ambroz
2022-09-27 07:10:24 UTC
dev-python/joblib-1.3.2 is currently the only version available. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=086ee91647926ad5550f1443e004b5f5d1bda7fc commit 086ee91647926ad5550f1443e004b5f5d1bda7fc Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-02 14:38:14 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-02 14:38:51 +0000 [ GLSA 202401-01 ] Joblib: Arbitrary Code Execution Bug: https://bugs.gentoo.org/873151 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-01.xml | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) |