[ALSA-2024:9193] Moderate: python3.12-PyMySQL security update
Type:
security
Severity:
moderate
Release date:
2024-11-18
Description:
This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. Security Fix(es): * python-pymysql: SQL injection if used with untrusted JSON input (CVE-2024-36039) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
noarch python3.12-PyMySQL+rsa-1.1.0-3.el9.noarch.rpm 665de27ef3f4760443b3dea2bc9d92b783ae9d3e58aa7f7e915ff7bd024e1b71
noarch python3.12-PyMySQL-1.1.0-3.el9.noarch.rpm ca24e6b68867f6338171b2ec1d569c507a998ffad99a5a9eef972f5e72376e83
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.