SUSE-SU-2024:4327-1

Details

Description of the patch:

This update for python-aiohttp fixes the following issues:

CVE-2024-30251: Fixed infinite loop on specially crafted POST request (bsc#1223726).

Affected Packages

python311-aiohttp

SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise Desktop 15 SP6SUSE Linux Enterprise High Performance Computing 15 SP4SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

Fixed in:

3.9.3-150400.10.30.1

References

ADVISORY

https://bugzilla.suse.com/1223726

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2024-December/020007.html

ADVISORY

https://www.suse.com/security/cve/CVE-2024-30251/

WEB

https://www.suse.com/support/security/rating/

ADVISORY

https://www.suse.com/support/update/announcement/2024/suse-su-20244327-1/