--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-85aa8e5706
2022-07-23 02:26:57.540257
--------------------------------------------------------------------------------
Name : python-notebook
Product : Fedora 35
Version : 6.4.0
Release : 4.fc35
URL :
http://jupyter.org
Summary : A web-based notebook environment for interactive computing
Description :
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2022-24785 and CVE-2022-31129.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 13 2022 Miro Hron��ok <mhroncok(a)redhat.com> - 6.4.0-4
- Fix CVE-2022-24785 and CVE-2022-31129 in bundled moment
- Fixes: rhbz#2075263
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2072009 - CVE-2022-24785 Moment.js: Path traversal in moment.locale
https://bugzilla.redhat.com/show_bug.cgi?id=2072009
[ 2 ] Bug #2105075 - CVE-2022-31129 moment: inefficient parsing algorithim resulting in
DoS
https://bugzilla.redhat.com/show_bug.cgi?id=2105075
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-85aa8e5706' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------