Message372042
Open source software introduced passively in Python 3.8.3:
sqlite3(Documents involved sqlite3.dll),involve CVE-2020-11656,CVE-2020-11655,CVE-2020-13630,CVE-2020-13871,CVE-2020-9327,CVE-2020-13434,CVE-2020-13435,CVE-2020-13631,CVE-2020-13632
zlib 1.2.3(Documents involved wininst-7.1.exe、wininst-6.0.exe、wininst-9.0.exe、wininst-8.0.exe、wininst-9.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842
zlib 1.2.5(Documents involved wininst-14.0.exe、wininst-14.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842
zlib 1.2.8(Documents involved wininst-10.0.exe、wininst-10.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842
bzip2 1.0.6(Documents involved _bz2.pyd).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842
openssl 1.1.1d(Documents involved _psycopg.cp38-win_amd64.pyd、_openssl.cp38-win_amd64.pyd).involve CVE-2020-1967,CVE-2019-1551
openssl 1.1.1f(Documents involved libcrypto-1_1.dll、libssl-1_1.dll).involve CVE-2020-1967
Does the above vulnerability pose a security risk to products using python 3.8.3, or is there a fix |
|
Date |
User |
Action |
Args |
2020-06-22 07:59:08 | xcl | set | recipients:
+ xcl |
2020-06-22 07:59:08 | xcl | set | messageid: <1592812748.09.0.71716339611.issue41072@roundup.psfhosted.org> |
2020-06-22 07:59:08 | xcl | link | issue41072 messages |
2020-06-22 07:59:07 | xcl | create | |
|