RLSA-2021:1879

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2021:1879.json

Related

Published

2021-05-18T06:18:31Z

Modified

2023-02-02T13:21:43.775470Z

Details

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)
python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)
python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.

References

Affected packages

Rocky Linux:8 / babel

Package

Name: babel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.7.0-10.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / Cython

Package

Name: Cython

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.29.14-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / mod_wsgi

Package

Name: mod_wsgi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.6.8-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / numpy

Package

Name: numpy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.17.3-5.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python38

Package

Name: python38

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.8.6-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python3x-pip

Package

Name: python3x-pip

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:19.3.1-1.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python3x-setuptools

Package

Name: python3x-setuptools

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:41.6.0-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python3x-six

Package

Name: python3x-six

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.12.0-10.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-asn1crypto

Package

Name: python-asn1crypto

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.2.0-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-cffi

Package

Name: python-cffi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.13.2-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-chardet

Package

Name: python-chardet

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.0.4-19.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-cryptography

Package

Name: python-cryptography

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.8-3.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-cryptography

Package

Name: python-cryptography

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.8-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-idna

Package

Name: python-idna

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.8-6.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-jinja2

Package

Name: python-jinja2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.10.3-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-lxml

Package

Name: python-lxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:4.4.1-5.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-markupsafe

Package

Name: python-markupsafe

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.1.1-6.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-ply

Package

Name: python-ply

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:3.11-10.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-psutil

Package

Name: python-psutil

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:5.6.4-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-psycopg2

Package

Name: python-psycopg2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.8.4-4.module+el8.6.0+794+eba84017

Rocky Linux:8 / python-psycopg2

Package

Name: python-psycopg2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.8.4-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-pycparser

Package

Name: python-pycparser

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.19-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-PyMySQL

Package

Name: python-PyMySQL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.10.1-1.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-PyMySQL

Package

Name: python-PyMySQL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.10.1-1.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-pysocks

Package

Name: python-pysocks

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.7.1-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-requests

Package

Name: python-requests

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2.22.0-9.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-urllib3

Package

Name: python-urllib3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.25.7-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-wheel

Package

Name: python-wheel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:0.33.6-5.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / pytz

Package

Name: pytz

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:2019.3-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / PyYAML

Package

Name: PyYAML

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:5.3.1-1.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / scipy

Package

Name: scipy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.3.1-4.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / scipy

Package

Name: scipy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

0:1.3.1-4.module+el8.4.0+570+c2eaf144