Bug 2292921 (CVE-2024-4032)
Summary: | CVE-2024-4032 python: incorrect IPv4 and IPv6 private ranges | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Robb Gatica <rgatica> |
Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
Status: | NEW --- | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | agarcial, aoconnor, aprice, asegurap, bdettelb, caswilli, dfreiber, drow, jburrell, jmitchel, jsamir, jsherril, jtanner, kaycoth, kholdawa, kshier, mpierce, orabin, psegedy, sthirugn, vkrizan, vkumar, xiaoxwan, zzhou |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | CPython 3.12.4, CPython 3.13.0a6 | Doc Type: | --- |
Doc Text: |
A flaw was found in Python. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. Due to this issue, it is possible that values will not be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2293396, 2293387, 2293389, 2293390, 2293391, 2293392, 2293393, 2293394, 2293395, 2293397 | ||
Bug Blocks: | 2292923 |
Description
Robb Gatica
2024-06-18 16:50:01 UTC
Created mingw-python3 tracking bugs for this issue: Affects: fedora-all [bug 2293389] Created python3.10 tracking bugs for this issue: Affects: fedora-all [bug 2293390] Created python3.11 tracking bugs for this issue: Affects: fedora-all [bug 2293391] Created python3.12 tracking bugs for this issue: Affects: fedora-all [bug 2293392] Created python3.13 tracking bugs for this issue: Affects: fedora-all [bug 2293393] Created python3.6 tracking bugs for this issue: Affects: fedora-all [bug 2293394] Created python3.7 tracking bugs for this issue: Affects: fedora-all [bug 2293395] Created python3.8 tracking bugs for this issue: Affects: fedora-all [bug 2293396] Created python3.9 tracking bugs for this issue: Affects: fedora-all [bug 2293397] Created python34 tracking bugs for this issue: Affects: epel-all [bug 2293387] This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:4766 https://access.redhat.com/errata/RHSA-2024:4766 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:4779 https://access.redhat.com/errata/RHSA-2024:4779 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:5962 https://access.redhat.com/errata/RHSA-2024:5962 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2024:6030 https://access.redhat.com/errata/RHSA-2024:6030 |