Synopsis
Important: python-tornado security update
Type/Severity
Security Advisory: Important
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for python-tornado is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Tornado is a Python web framework and asynchronous networking library that provides an open source version of scalable, non-blocking web server and tools.
Security Fix(es):
- python-tornado: Tornado has HTTP cookie parsing DoS vulnerability (CVE-2024-52804)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
Fixes
-
BZ - 2328045
- CVE-2024-52804 python-tornado: Tornado has HTTP cookie parsing DoS vulnerability
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| x86_64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9d24efbd43d243094db6b96d5479082cb6a95517dd8cfc1ea85bb67537deacbf |
|
python3-tornado-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9a175597adf449c034f387ffac478e48b7d90b1c1bde8e8ea8b0ca5f18bd61e7 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: d0e3e7fdfeb9ab0410b2ed8365b3273af5ad0393c9e911807cee0c89058af868 |
Red Hat Enterprise Linux Server - AUS 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| x86_64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9d24efbd43d243094db6b96d5479082cb6a95517dd8cfc1ea85bb67537deacbf |
|
python3-tornado-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9a175597adf449c034f387ffac478e48b7d90b1c1bde8e8ea8b0ca5f18bd61e7 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: d0e3e7fdfeb9ab0410b2ed8365b3273af5ad0393c9e911807cee0c89058af868 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| s390x |
|
python-tornado-debugsource-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: dd5f8068df4c4cd4e3cfee4ca20cc9ea19348f35d3899469d1f38b8ff5148d2a |
|
python3-tornado-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: cc8410476efebc8d64c4814d92b3770440523d1e27ede5e3ed26c16f4455fa87 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: deb23d4b4f64185c6ef8722b175da4be63ba9567f25707804c5e387b803e7b20 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| ppc64le |
|
python-tornado-debugsource-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: 95714664fe3352e54f29dfe53622cec21b6bdd8fc4087b1fdb6cacd0e0eec1f6 |
|
python3-tornado-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: a8372704729f119b1b3f5ecccd74eb70bb7278064ec2898819b352bc25ce5060 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: ab35409cfea984c8829443486da9b4e58af5688b55f17bbb0de05cb04d63c889 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| aarch64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 364e4c1815e9e3b526c422c7aae9ec00e253be2d034d937339e80eb56f0f1006 |
|
python3-tornado-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 73608c59f47141d4666d92bf9e76335788bf3e9383dedf67c8d43244e2c26724 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: b4ada4850f1f9eacf555daaa2551e5971b2e55af0bde92e8cadc6c9a39428764 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| ppc64le |
|
python-tornado-debugsource-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: 95714664fe3352e54f29dfe53622cec21b6bdd8fc4087b1fdb6cacd0e0eec1f6 |
|
python3-tornado-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: a8372704729f119b1b3f5ecccd74eb70bb7278064ec2898819b352bc25ce5060 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: ab35409cfea984c8829443486da9b4e58af5688b55f17bbb0de05cb04d63c889 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| x86_64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9d24efbd43d243094db6b96d5479082cb6a95517dd8cfc1ea85bb67537deacbf |
|
python3-tornado-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9a175597adf449c034f387ffac478e48b7d90b1c1bde8e8ea8b0ca5f18bd61e7 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: d0e3e7fdfeb9ab0410b2ed8365b3273af5ad0393c9e911807cee0c89058af868 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| aarch64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 364e4c1815e9e3b526c422c7aae9ec00e253be2d034d937339e80eb56f0f1006 |
|
python3-tornado-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 73608c59f47141d4666d92bf9e76335788bf3e9383dedf67c8d43244e2c26724 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: b4ada4850f1f9eacf555daaa2551e5971b2e55af0bde92e8cadc6c9a39428764 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| s390x |
|
python-tornado-debugsource-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: dd5f8068df4c4cd4e3cfee4ca20cc9ea19348f35d3899469d1f38b8ff5148d2a |
|
python3-tornado-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: cc8410476efebc8d64c4814d92b3770440523d1e27ede5e3ed26c16f4455fa87 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: deb23d4b4f64185c6ef8722b175da4be63ba9567f25707804c5e387b803e7b20 |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| x86_64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9d24efbd43d243094db6b96d5479082cb6a95517dd8cfc1ea85bb67537deacbf |
|
python3-tornado-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: 9a175597adf449c034f387ffac478e48b7d90b1c1bde8e8ea8b0ca5f18bd61e7 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.x86_64.rpm
|
SHA-256: d0e3e7fdfeb9ab0410b2ed8365b3273af5ad0393c9e911807cee0c89058af868 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| aarch64 |
|
python-tornado-debugsource-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 364e4c1815e9e3b526c422c7aae9ec00e253be2d034d937339e80eb56f0f1006 |
|
python3-tornado-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: 73608c59f47141d4666d92bf9e76335788bf3e9383dedf67c8d43244e2c26724 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.aarch64.rpm
|
SHA-256: b4ada4850f1f9eacf555daaa2551e5971b2e55af0bde92e8cadc6c9a39428764 |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| ppc64le |
|
python-tornado-debugsource-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: 95714664fe3352e54f29dfe53622cec21b6bdd8fc4087b1fdb6cacd0e0eec1f6 |
|
python3-tornado-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: a8372704729f119b1b3f5ecccd74eb70bb7278064ec2898819b352bc25ce5060 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.ppc64le.rpm
|
SHA-256: ab35409cfea984c8829443486da9b4e58af5688b55f17bbb0de05cb04d63c889 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4
| SRPM |
|
python-tornado-6.4.2-1.el9_4.src.rpm
|
SHA-256: 859ee3f4468d4921e83cc386e2df385619154fa42db79839aa79e5feb31e6a54 |
| s390x |
|
python-tornado-debugsource-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: dd5f8068df4c4cd4e3cfee4ca20cc9ea19348f35d3899469d1f38b8ff5148d2a |
|
python3-tornado-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: cc8410476efebc8d64c4814d92b3770440523d1e27ede5e3ed26c16f4455fa87 |
|
python3-tornado-debuginfo-6.4.2-1.el9_4.s390x.rpm
|
SHA-256: deb23d4b4f64185c6ef8722b175da4be63ba9567f25707804c5e387b803e7b20 |
