An update for python-certifi is now available for openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3, openEuler-22.03-LTS, openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2

Document type: Security Advisory
Contact: openeuler-security@openeuler.org
Issuing authority: openEuler security committee
Advisory ID: openEuler-SA-2023-1457
Status: Final
Version: 1.0
Revision history: 1.0, 2023-08-06, Initial
Initial release date: 2023-08-06
Current release date: 2023-08-06
Generator: openEuler SA Tool V1.0, 2023-08-06

Synopsis: python-certifi security update

Description:

Certifi provides Mozilla's carefully curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. It has been extracted from the Requests project.

Security Fix(es):

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked Google group discussion. (CVE-2022-23491)

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. (CVE-2023-37920)

Topic:

openEuler Security has rated this update as having a security impact of high. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Severity: High
Affected component: python-certifi

References:

  https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1457
  https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-23491
  https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-37920
  https://nvd.nist.gov/vuln/detail/CVE-2022-23491
  https://nvd.nist.gov/vuln/detail/CVE-2023-37920

Affected products:

  openEuler-20.03-LTS-SP1
  openEuler-20.03-LTS-SP3
  openEuler-22.03-LTS
  openEuler-22.03-LTS-SP1
  openEuler-22.03-LTS-SP2

Packages (noarch):

  python-certifi-help-2023.7.22-1.oe1.noarch.rpm
  python3-certifi-2023.7.22-1.oe1.noarch.rpm
  python-certifi-help-2023.7.22-1.oe1.noarch.rpm
  python3-certifi-2023.7.22-1.oe1.noarch.rpm
  python-certifi-help-2023.7.22-1.oe2203.noarch.rpm
  python3-certifi-2023.7.22-1.oe2203.noarch.rpm
  python3-certifi-2023.7.22-1.oe2203sp1.noarch.rpm
  python-certifi-help-2023.7.22-1.oe2203sp1.noarch.rpm
  python3-certifi-2023.7.22-1.oe2203sp2.noarch.rpm
  python-certifi-help-2023.7.22-1.oe2203sp2.noarch.rpm

Packages (src):

  python-certifi-2023.7.22-1.oe1.src.rpm
  python-certifi-2023.7.22-1.oe1.src.rpm
  python-certifi-2023.7.22-1.oe2203.src.rpm
  python-certifi-2023.7.22-1.oe2203sp1.src.rpm
  python-certifi-2023.7.22-1.oe2203sp2.src.rpm

Vulnerability details:

CVE-2022-23491
  Release date: 2023-08-06
  Affected products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3, openEuler-22.03-LTS, openEuler-22.03-LTS-SP1, openEuler-22.03-LTS-SP2
  Severity: High
  CVSS base score: 7.5
  Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  Remediation: python-certifi security update, 2023-08-06
  https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1457

CVE-2023-37920
  Release date: 2023-08-06
  Affected products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3, openEuler-22.03-LTS, openEuler-22.03-LTS-SP1, openEuler-22.03-LTS-SP2
  Severity: High
  CVSS base score: 7.5
  Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  Remediation: python-certifi security update, 2023-08-06
  https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1457