[ALSA-2024:10590] Important: python-tornado security update
Type:
security
Severity:
important
Release date:
2024-12-03
Description:
Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools. Security Fix(es): * python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-tornado-6.4.2-1.el9_5.aarch64.rpm 28e4db1e2cb286f4c7b5a4d772f0957b5bbf95d71b97e1a46668a36bebe5cd10
ppc64le python3-tornado-6.4.2-1.el9_5.ppc64le.rpm 9de8fcc6149b8fd7027b839d64141614ba1f6efc9a995e276d758e4452aa9750
s390x python3-tornado-6.4.2-1.el9_5.s390x.rpm 4f1cb443f94dc97a01dd8ac54cd0135a644484557311d28c62d2d623e4a5ecd6
x86_64 python3-tornado-6.4.2-1.el9_5.x86_64.rpm b302da14e217b2cb5d0a471c141274103d9d88167248ae18cc4f6c0e91cd1395
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.