[ALSA-2023:6523] Moderate: python-tornado security update
Type:
security
Severity:
moderate
Release date:
2023-11-14
Description:
Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fix(es): * python-tornado: open redirect vulnerability in StaticFileHandler under certain configurations (CVE-2023-28370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-tornado-6.1.0-9.el9.aarch64.rpm e152cd88d0aa08deaa4e4b2e8a4a3577c3e73946e50be44473b9f2424251802f
ppc64le python3-tornado-6.1.0-9.el9.ppc64le.rpm a02d7881aa771f15ea9e2cead94d325e1ff67c80d7e7e8efb92070714a3158f5
s390x python3-tornado-6.1.0-9.el9.s390x.rpm 32710e95df7bba079c74bd01de777874a718f731f8c51478f70ddfeefc446b1b
x86_64 python3-tornado-6.1.0-9.el9.x86_64.rpm f6886c4ec0cbcf8018aceaa88ee11d6ca09addfa7d561fea309471896042fab8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.