python3.11-3.11.10-1.fc40

Read Time:2 Minute, 7 Second

FEDORA-2024-f7f36c20a2

Packages in this update:

python3.11-3.11.10-1.fc40

Update description:

This is a security release of Python 3.11

Note: The release you’re looking at is Python 3.11.10, a security bugfix release for the legacy 3.11 series. Python 3.12 is now the latest feature release series of Python 3.

Security content in this release

gh-123067: Fix quadratic complexity in parsing “-quoted cookie values with backslashes by http.cookies. Fixes CVE-2024-7592.
gh-113171: Fixed various false positives and false negatives in IPv4Address.is_private, IPv4Address.is_global, IPv6Address.is_private, IPv6Address.is_global. Fixes CVE-2024-4032.
gh-67693: Fix urllib.parse.urlunparse() and urllib.parse.urlunsplit() for URIs with path starting with multiple slashes and no authority. Fixes CVE-2015-2104.
gh-121957: Fixed missing audit events around interactive use of Python, now also properly firing for python -i, as well as for python -m asyncio. The event in question is cpython.run_stdin.
gh-122133: Authenticate the socket connection for the socket.socketpair() fallback on platforms where AF_UNIX is not available like Windows.
gh-121285: Remove backtracking from tarfile header parsing for hdrcharset, PAX, and GNU sparse headers. That’s CVE-2024-6232.
gh-114572: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads.
gh-102988: email.utils.getaddresses() and email.utils.parseaddr() now return (”, ”) 2-tuples in more situations where invalid email addresses are encountered instead of potentially inaccurate values. Add optional strict parameter to these two functions: use strict=False to get the old behavior, accept malformed inputs. getattr(email.utils, ‘supports_strict_parsing’, False) can be use to check if the strict paramater is available. This improves the CVE-2023-27043 fix.
gh-123270: Sanitize names in zipfile.Path to avoid infinite loops (gh-122905) without breaking contents using legitimate characters. That’s CVE-2024-8088.
gh-121650: email headers with embedded newlines are now quoted on output. The generator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. That’s CVE-2024-6923.
gh-119690: Fixes data type confusion in audit events raised by _winapi.CreateFile and _winapi.CreateNamedPipe.
gh-116773: Fix instances of <_overlapped.Overlapped object at 0xXXX> still has pending operation at deallocation, the process may crash.
gh-112275: A deadlock involving pystate.c’s HEAD_LOCK in posixmodule.c at fork is now fixed.

Read More

USN-6997-2: LibTIFF vulnerability

Read Time:15 Second

USN-6997-1 fixed a vulnerability in LibTIFF. This update
provides the corresponding update for Ubuntu 14.04 LTS.

Original advisory details:

It was discovered that LibTIFF incorrectly handled memory. An attacker
could possibly use this issue to cause the application to crash, resulting
in a denial of service.

Read More

USN-6999-1: Linux kernel vulnerabilities

Read Time:5 Minute, 9 Second

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-23848)

It was discovered that the JFS file system contained an out-of-bounds read
vulnerability when printing xattr debug information. A local attacker could
use this to cause a denial of service (system crash). (CVE-2024-40902)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM64 architecture;
– MIPS architecture;
– PA-RISC architecture;
– PowerPC architecture;
– RISC-V architecture;
– x86 architecture;
– Block layer subsystem;
– ACPI drivers;
– Drivers core;
– Null block device driver;
– Character device driver;
– TPM device driver;
– Clock framework and drivers;
– CPU frequency scaling framework;
– Hardware crypto device drivers;
– CXL (Compute Express Link) drivers;
– Buffer Sharing and Synchronization framework;
– DMA engine subsystem;
– EFI core;
– FPGA Framework;
– GPU drivers;
– Greybus drivers;
– HID subsystem;
– HW tracing;
– I2C subsystem;
– IIO subsystem;
– InfiniBand drivers;
– Input Device (Mouse) drivers;
– Mailbox framework;
– Media drivers;
– Microchip PCI driver;
– VMware VMCI Driver;
– Network drivers;
– PCI subsystem;
– x86 platform drivers;
– PTP clock framework;
– S/390 drivers;
– SCSI drivers;
– SoundWire subsystem;
– Sonic Silicon Backplane drivers;
– Greybus lights staging drivers;
– Thermal drivers;
– TTY drivers;
– USB subsystem;
– VFIO drivers;
– Framebuffer layer;
– Watchdog drivers;
– 9P distributed file system;
– BTRFS file system;
– File systems infrastructure;
– Ext4 file system;
– F2FS file system;
– JFS file system;
– Network file system server daemon;
– NILFS2 file system;
– NTFS3 file system;
– SMB network file system;
– Tracing file system;
– Tracing infrastructure;
– io_uring subsystem;
– Core kernel;
– BPF subsystem;
– Kernel debugger infrastructure;
– DMA mapping infrastructure;
– IRQ subsystem;
– Memory management;
– 9P file system network protocol;
– Amateur Radio drivers;
– B.A.T.M.A.N. meshing protocol;
– Ethernet bridge;
– Networking core;
– Ethtool driver;
– IPv4 networking;
– IPv6 networking;
– MAC80211 subsystem;
– Multipath TCP;
– Netfilter;
– NET/ROM layer;
– NFC subsystem;
– Network traffic control;
– Sun RPC protocol;
– TIPC protocol;
– TLS protocol;
– Unix domain sockets;
– Wireless networking;
– XFRM subsystem;
– AppArmor security module;
– Integrity Measurement Architecture(IMA) framework;
– Landlock security;
– Linux Security Modules (LSM) Framework;
– SELinux security module;
– Simplified Mandatory Access Control Kernel framework;
– ALSA framework;
– HD-audio driver;
– SOF drivers;
– KVM core;
(CVE-2024-40911, CVE-2024-37356, CVE-2024-40935, CVE-2024-40944,
CVE-2024-41003, CVE-2024-40990, CVE-2024-40952, CVE-2024-40940,
CVE-2024-40930, CVE-2024-40985, CVE-2024-40941, CVE-2024-38630,
CVE-2024-39466, CVE-2024-40933, CVE-2024-38624, CVE-2024-40924,
CVE-2024-40945, CVE-2024-40899, CVE-2024-38622, CVE-2024-40979,
CVE-2024-36484, CVE-2024-41004, CVE-2024-39474, CVE-2022-48772,
CVE-2024-36244, CVE-2024-38664, CVE-2024-40925, CVE-2024-40980,
CVE-2024-39480, CVE-2024-36270, CVE-2024-40936, CVE-2024-40904,
CVE-2024-38635, CVE-2024-40927, CVE-2024-36481, CVE-2024-40929,
CVE-2024-40958, CVE-2024-36978, CVE-2024-40992, CVE-2024-40908,
CVE-2024-39504, CVE-2024-41001, CVE-2024-40967, CVE-2023-52884,
CVE-2024-40997, CVE-2024-40903, CVE-2024-40913, CVE-2024-34030,
CVE-2024-39473, CVE-2024-40966, CVE-2024-40951, CVE-2024-40902,
CVE-2024-40982, CVE-2024-40923, CVE-2024-39467, CVE-2024-40910,
CVE-2024-40909, CVE-2024-39463, CVE-2024-40974, CVE-2024-41002,
CVE-2024-39464, CVE-2024-39496, CVE-2024-41040, CVE-2024-39469,
CVE-2024-39500, CVE-2024-39510, CVE-2024-38627, CVE-2024-32936,
CVE-2024-40975, CVE-2024-38390, CVE-2024-40959, CVE-2024-41006,
CVE-2024-40986, CVE-2024-40987, CVE-2024-40922, CVE-2024-40983,
CVE-2024-37354, CVE-2024-38637, CVE-2024-39277, CVE-2024-40943,
CVE-2024-39371, CVE-2024-40921, CVE-2024-40953, CVE-2024-38634,
CVE-2024-38659, CVE-2024-39492, CVE-2024-40976, CVE-2024-40906,
CVE-2024-40965, CVE-2024-38667, CVE-2024-39498, CVE-2024-38628,
CVE-2024-38661, CVE-2024-38663, CVE-2024-40998, CVE-2024-40948,
CVE-2024-38306, CVE-2024-40928, CVE-2024-39468, CVE-2024-39494,
CVE-2024-39505, CVE-2024-40963, CVE-2024-39499, CVE-2024-39506,
CVE-2024-40995, CVE-2024-39491, CVE-2024-40900, CVE-2024-39478,
CVE-2024-39490, CVE-2024-39291, CVE-2024-40981, CVE-2024-40926,
CVE-2024-40939, CVE-2024-38385, CVE-2024-39483, CVE-2024-40989,
CVE-2024-40955, CVE-2024-39501, CVE-2024-38381, CVE-2024-33621,
CVE-2024-40964, CVE-2024-42148, CVE-2024-36286, CVE-2024-38629,
CVE-2024-39509, CVE-2024-39298, CVE-2024-36489, CVE-2024-34777,
CVE-2024-40957, CVE-2024-40919, CVE-2024-39462, CVE-2024-39495,
CVE-2024-39497, CVE-2024-38636, CVE-2024-36281, CVE-2024-39479,
CVE-2024-40932, CVE-2024-36288, CVE-2024-38623, CVE-2024-40969,
CVE-2024-40931, CVE-2024-36971, CVE-2024-40934, CVE-2024-36015,
CVE-2024-39485, CVE-2024-40996, CVE-2024-39507, CVE-2024-36973,
CVE-2024-38625, CVE-2024-39301, CVE-2024-34027, CVE-2024-37026,
CVE-2024-40960, CVE-2024-37078, CVE-2024-40912, CVE-2024-40988,
CVE-2024-41005, CVE-2024-39276, CVE-2024-38662, CVE-2024-39502,
CVE-2024-36479, CVE-2024-40947, CVE-2024-38780, CVE-2024-38388,
CVE-2024-40917, CVE-2024-36974, CVE-2024-40970, CVE-2024-40901,
CVE-2024-38384, CVE-2024-39475, CVE-2024-40949, CVE-2024-37021,
CVE-2024-38633, CVE-2024-39503, CVE-2024-41000, CVE-2024-33847,
CVE-2024-35247, CVE-2024-40968, CVE-2024-33619, CVE-2024-38619,
CVE-2024-40984, CVE-2024-36478, CVE-2024-39493, CVE-2024-42078,
CVE-2024-40954, CVE-2024-40978, CVE-2024-39508, CVE-2024-40915,
CVE-2024-39489, CVE-2024-40920, CVE-2024-38618, CVE-2024-40938,
CVE-2024-39296, CVE-2024-40962, CVE-2024-39470, CVE-2024-39481,
CVE-2024-40977, CVE-2024-38621, CVE-2024-40971, CVE-2024-31076,
CVE-2024-36972, CVE-2024-39471, CVE-2024-40994, CVE-2024-40973,
CVE-2024-40916, CVE-2024-40942, CVE-2024-40956, CVE-2024-39465,
CVE-2024-40914, CVE-2024-40937, CVE-2024-40918, CVE-2024-40905,
CVE-2024-39488, CVE-2024-38632, CVE-2024-39461, CVE-2024-40999,
CVE-2024-40972, CVE-2024-36477, CVE-2024-40961)

Read More

Evaluating the Effectiveness of Reward Modeling of Generative AI Systems

Read Time:1 Minute, 15 Second

New research evaluating the effectiveness of reward modeling during Reinforcement Learning from Human Feedback (RLHF): “SEAL: Systematic Error Analysis for Value ALignment.” The paper introduces quantitative metrics for evaluating the effectiveness of modeling and aligning human values:

Abstract: Reinforcement Learning from Human Feedback (RLHF) aims to align language models (LMs) with human values by training reward models (RMs) on binary preferences and using these RMs to fine-tune the base LMs. Despite its importance, the internal mechanisms of RLHF remain poorly understood. This paper introduces new metrics to evaluate the effectiveness of modeling and aligning human values, namely feature imprint, alignment resistance and alignment robustness. We categorize alignment datasets into target features (desired values) and spoiler features (undesired concepts). By regressing RM scores against these features, we quantify the extent to which RMs reward them ­ a metric we term feature imprint. We define alignment resistance as the proportion of the preference dataset where RMs fail to match human preferences, and we assess alignment robustness by analyzing RM responses to perturbed inputs. Our experiments, utilizing open-source components like the Anthropic preference dataset and OpenAssistant RMs, reveal significant imprints of target features and a notable sensitivity to spoiler features. We observed a 26% incidence of alignment resistance in portions of the dataset where LM-labelers disagreed with human preferences. Furthermore, we find that misalignment often arises from ambiguous entries within the alignment dataset. These findings underscore the importance of scrutinizing both RMs and alignment datasets for a deeper understanding of value alignment.

Read More