Advisories » MGASA-2022-0029

Updated python-celery packages fix security vulnerability

Publication date: 25 Jan 2022
Modification date: 25 Jan 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-23727

Description

Stored Command Injection (CVE-2021-23727)
Also fixes unfulfilled python3.8dist(billiard) installing pythone-celery.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29897
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SYXRGHWHD2WWMHBWCVD5ULVINPKNY3P5/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23727

SRPMS

8/core

• python-celery-5.0.5-1.1.mga8
• python-billiard-3.6.4.0-1.mga8