English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
146377 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.856161
Categoría:openSUSE Local Security Checks
Título:openSUSE Security Advisory (SUSE-SU-2024:1639-1)
Resumen:The remote host is missing an update for the 'python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-arcomplete, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict' package(s) announced via the SUSE-SU-2024:1639-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-arcomplete, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict' package(s) announced via the SUSE-SU-2024:1639-1 advisory.

Vulnerability Insight:
- :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml` file.
The old entries ``[[tool.towncrier.type]]`` are deprecated and need
to be replaced by ``[tool.towncrier.fragment.]``.
- Deprecations:
- :gh:`372`: Deprecate support for Python 3.6.
Python 3.6 reached its end of life and isn't supported anymore.
At the time of writing (Dec 2022), the lowest version is 3.7.
Although the `poll <[link moved to references]
didn't cast many votes, the majority agree to remove support for
Python 3.6.
- Improved Documentation:
- :gh:`335`: Add new section 'Converting versions between PyPI and semver' the limitations
and possible use cases to convert from one into the other versioning scheme.
- :gh:`340`: Describe how to get version from a file
- :gh:`343`: Describe combining Pydantic with semver in the 'Advanced topic'
section.
- :gh:`350`: Restructure usage section. Create subdirectory 'usage/' and splitted
all section into different files.
- :gh:`351`: Introduce new topics for:
* 'Migration to semver3'
* 'Advanced topics'
- Features:
- :pr:`359`: Add optional parameter ``optional_minor_and_patch`` in :meth:`.Version.parse` to allow optional
minor and patch parts.
- :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match expression, defaulting to
equality testing.
- :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the
:command:`pyproject-build` command from the build module.
For more information, see :ref:`build-semver`.
- :gh:`365`: Improve :file:`pyproject.toml`.
* Use setuptools, add metadata. Taken approach from
`A Practical Guide to Setuptools and Pyproject.toml
<[link moved to references].
* Doc: Describe building of semver
* Remove :file:`.travis.yml` in :file:`MANIFEST.in`
(not needed anymore)
* Distinguish between Python 3.6 and others in :file:`tox.ini`
* Add skip_missing_interpreters option for :file:`tox.ini`
* GH Action: Upgrade setuptools and setuptools-scm and test
against 3.11.0-rc.2
- Trivial/Internal Changes:
- :gh:`378`: Fix some typos in Towncrier configuration

- switch to the tagged version rather than a gh branch tarball

- fix support for Python 3.10 with update to development version:
- update to revision g4d2df08:
- Changes for the upcoming release can be found in:
- the `'changelog.d' directory <[link moved to references]:
- in our repository.:
- update to version 3.0.0-dev.2:
- Deprecations:
- :gh:`169`: Deprecate CLI functions not imported from ``semver.cli``.
- Features:
- :gh:`169`: Create semver package and split code among different modules in the packages.
* Remove :file:`semver.py`
* Create :file:`src/semver/__init__.py`
* Create :file:`src/semver/cli.py` for all CLI methods
* Create :file:`src/semver/_deprecated.py` for the ``deprecated`` decorator and other deprecated functions
* Create :file:`src/semver/__main__.py` to allow ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-arcomplete, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-28858
https://github.com/redis/redis-py/compare/v4.3.5...v4.3.6
https://github.com/redis/redis-py/compare/v4.4.2...v4.4.3
https://github.com/redis/redis-py/compare/v4.5.2...v4.5.3
https://github.com/redis/redis-py/issues/2624
https://github.com/redis/redis-py/pull/2641
https://openai.com/blog/march-20-chatgpt-outage
Common Vulnerability Exposure (CVE) ID: CVE-2023-28859
https://github.com/redis/redis-py/issues/2665
https://github.com/redis/redis-py/pull/2666
https://github.com/redis/redis-py/releases/tag/v4.4.4
https://github.com/redis/redis-py/releases/tag/v4.5.4
CopyrightCopyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.