CLSA-2023-1701971140

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1701971140

Upstream

CVE-2022-48564

CVE-2023-40217

Published

2023-12-07T17:45:43Z

Modified

2026-06-04T09:47:08.216742140Z

Summary

Fix CVE(s): CVE-2022-48564, CVE-2023-40217

Details

SECURITY UPDATE: potential DoS attack via CPU and RAM exhaustion
- debian/patches/CVE-2022-48564.patch: Improve validation of Plist files that prevent DoS when processing malformed Apple Property List files in binary format
- CVE-2022-48564
SECURITY UPDATE: TLS handshake bypass
- debian/patches/CVE-2023-40217.patch: Check for & avoid the ssl pre-close flaw. Update SSL tests
- CVE-2023-40217

References

https://errata.cloudlinux.com/ubuntu18_04-els/CLSA-2023-1701971140

Affected packages

TuxCare:Ubuntu:18.04

idle-python3.6

Package

Name: idle-python3.6
Purl: pkg:deb/tuxcare/idle-python3.6?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

libpython3.6

Package

Name: libpython3.6
Purl: pkg:deb/tuxcare/libpython3.6?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

libpython3.6-dev

Package

Name: libpython3.6-dev
Purl: pkg:deb/tuxcare/libpython3.6-dev?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

libpython3.6-minimal

Package

Name: libpython3.6-minimal
Purl: pkg:deb/tuxcare/libpython3.6-minimal?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

libpython3.6-stdlib

Package

Name: libpython3.6-stdlib
Purl: pkg:deb/tuxcare/libpython3.6-stdlib?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

libpython3.6-testsuite

Package

Name: libpython3.6-testsuite
Purl: pkg:deb/tuxcare/libpython3.6-testsuite?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6

Package

Name: python3.6
Purl: pkg:deb/tuxcare/python3.6?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6-dev

Package

Name: python3.6-dev
Purl: pkg:deb/tuxcare/python3.6-dev?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6-doc

Package

Name: python3.6-doc
Purl: pkg:deb/tuxcare/python3.6-doc?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6-examples

Package

Name: python3.6-examples
Purl: pkg:deb/tuxcare/python3.6-examples?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6-minimal

Package

Name: python3.6-minimal
Purl: pkg:deb/tuxcare/python3.6-minimal?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"

python3.6-venv

Package

Name: python3.6-venv
Purl: pkg:deb/tuxcare/python3.6-venv?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.9-1~18.04ubuntu1.12+tuxcare.els6

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1701971140.json"