Mailman 3 August 2024 - Security-announce

[CVE-2024-8088] Infinite loop when iterating over zip archive entry names
by Seth Larson Aug. 26, 2024

Aug. 26, 2024

There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When iterating over names of entries in a zip archive (for example, methods of "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. Please see the linked CVE ID for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2024-8088 * https://github.com/python/cpython/pull/122906 * https://github.com/python/cpython/issues/122905

1 1

[CVE-2024-7592] Quadratic complexity parsing cookies with backslashes
by Seth Larson Aug. 19, 2024

Aug. 19, 2024

There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. Please see the linked CVE ID for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2024-7592 * https://github.com/python/cpython/pull/123075 * https://github.com/python/cpython/issues/123067

1 0

[CVE-2024-6923] Email header injection due to unquoted newlines
by Seth Larson Aug. 1, 2024

Aug. 1, 2024

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. Please see the linked CVE for the latest information on affected versions: * https://www.cve.org/CVERecord?id=CVE-2024-6923 * https://github.com/python/cpython/pull/122233 * https://github.com/python/cpython/issues/121650

1 0