Oracle Linux: CVE-2024-6923: ELSA-2024-6179: python3.11 security update (MODERATE) (Multiple Advisories)
Description
There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. A vulnerability was found in the email module that uses Python language. The email module doesn't properly quote new lines in email headers. This flaw allows an attacker to inject email headers that could, among other possibilities, add hidden email destinations or inject content into the email, impacting data confidentiality and integrity.
Solution(s)
- oracle-linux-upgrade-platform-python
- oracle-linux-upgrade-platform-python-debug
- oracle-linux-upgrade-platform-python-devel
- oracle-linux-upgrade-python3
- oracle-linux-upgrade-python3-11
- oracle-linux-upgrade-python3-11-debug
- oracle-linux-upgrade-python3-11-devel
- oracle-linux-upgrade-python3-11-idle
- oracle-linux-upgrade-python3-11-libs
- oracle-linux-upgrade-python3-11-rpm-macros
- oracle-linux-upgrade-python3-11-test
- oracle-linux-upgrade-python3-11-tkinter
- oracle-linux-upgrade-python3-12
- oracle-linux-upgrade-python3-12-debug
- oracle-linux-upgrade-python3-12-devel
- oracle-linux-upgrade-python3-12-idle
- oracle-linux-upgrade-python3-12-libs
- oracle-linux-upgrade-python3-12-rpm-macros
- oracle-linux-upgrade-python3-12-test
- oracle-linux-upgrade-python3-12-tkinter
- oracle-linux-upgrade-python39
- oracle-linux-upgrade-python39-cffi
- oracle-linux-upgrade-python39-chardet
- oracle-linux-upgrade-python39-cryptography
- oracle-linux-upgrade-python39-debug
- oracle-linux-upgrade-python39-devel
- oracle-linux-upgrade-python39-idle
- oracle-linux-upgrade-python39-idna
- oracle-linux-upgrade-python39-libs
- oracle-linux-upgrade-python39-lxml
- oracle-linux-upgrade-python39-mod-wsgi
- oracle-linux-upgrade-python39-numpy
- oracle-linux-upgrade-python39-numpy-doc
- oracle-linux-upgrade-python39-numpy-f2py
- oracle-linux-upgrade-python39-pip
- oracle-linux-upgrade-python39-pip-wheel
- oracle-linux-upgrade-python39-ply
- oracle-linux-upgrade-python39-psutil
- oracle-linux-upgrade-python39-psycopg2
- oracle-linux-upgrade-python39-psycopg2-doc
- oracle-linux-upgrade-python39-psycopg2-tests
- oracle-linux-upgrade-python39-pycparser
- oracle-linux-upgrade-python39-pymysql
- oracle-linux-upgrade-python39-pysocks
- oracle-linux-upgrade-python39-pyyaml
- oracle-linux-upgrade-python39-requests
- oracle-linux-upgrade-python39-rpm-macros
- oracle-linux-upgrade-python39-scipy
- oracle-linux-upgrade-python39-setuptools
- oracle-linux-upgrade-python39-setuptools-wheel
- oracle-linux-upgrade-python39-six
- oracle-linux-upgrade-python39-test
- oracle-linux-upgrade-python39-tkinter
- oracle-linux-upgrade-python39-toml
- oracle-linux-upgrade-python39-urllib3
- oracle-linux-upgrade-python39-wheel
- oracle-linux-upgrade-python39-wheel-wheel
- oracle-linux-upgrade-python3-debug
- oracle-linux-upgrade-python3-devel
- oracle-linux-upgrade-python3-idle
- oracle-linux-upgrade-python3-libs
- oracle-linux-upgrade-python3-test
- oracle-linux-upgrade-python3-tkinter
- oracle-linux-upgrade-python-unversioned-command
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center