Updated jupyter-notebook packages fix security vulnerabilities
Publication date: 16 Mar 2024Modification date: 16 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2022-24785 , CVE-2022-31129
Description
Path traversal in moment.locale. (CVE-2022-24785)
Inefficient parsing algorithim resulting in DoS. (CVE-2022-31129)
References
- https://bugs.mageia.org/show_bug.cgi?id=30664
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/
- https://ubuntu.com/security/notices/USN-5559-1
- https://www.debian.org/lts/security/2023/dla-3295
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24785
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31129
SRPMS
9/core
- jupyter-notebook-6.4.12-1.1.mga9