RLSA-2023:6712

Synopsis

Moderate: python-wheel security update

Description

Wheel is the reference implementation of the Python wheel packaging standard, as defined in PEP 427.

Security Fix(es):

* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9.3 Release Notes linked from the References section.

Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2165864

CVEs

CVE-2022-40898

Affected packages

Rocky Linux 9 aarch64 - CRB

python-wheel-1:0.36.2-8.el9.src.rpm python3-wheel-1:0.36.2-8.el9.noarch.rpm python3-wheel-wheel-1:0.36.2-8.el9.noarch.rpm

Rocky Linux 9 ppc64le - CRB

python-wheel-1:0.36.2-8.el9.src.rpm python3-wheel-1:0.36.2-8.el9.noarch.rpm python3-wheel-wheel-1:0.36.2-8.el9.noarch.rpm

Rocky Linux 9 s390x - CRB

python-wheel-1:0.36.2-8.el9.src.rpm python3-wheel-1:0.36.2-8.el9.noarch.rpm python3-wheel-wheel-1:0.36.2-8.el9.noarch.rpm

Rocky Linux 9 x86_64 - CRB

python-wheel-1:0.36.2-8.el9.src.rpm python3-wheel-1:0.36.2-8.el9.noarch.rpm python3-wheel-wheel-1:0.36.2-8.el9.noarch.rpm