RLSA-2022:1764

Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2022:1764.json
Related
Published
2022-05-10T06:23:23Z
Modified
2023-02-02T13:38:41.485028Z
Details

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

The following packages have been upgraded to a later upstream version: python38 (3.8), python38-devel (3.8). (BZ#1997680, BZ#1997860)

Security Fix(es):

  • python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)

  • python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818)

  • python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391)

  • python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.

References

Affected packages

Rocky Linux:8 / babel

Package

Name
babel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.7.0-11.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / Cython

Package

Name
Cython

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.29.14-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / mod_wsgi

Package

Name
mod_wsgi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:4.6.8-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / numpy

Package

Name
numpy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.17.3-6.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / pytest

Package

Name
pytest

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:4.6.6-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python38

Package

Name
python38

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:3.8.12-1.module+el8.6.0+794+eba84017

Rocky Linux:8 / python3x-pip

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:19.3.1-5.module+el8.6.0+794+eba84017

Rocky Linux:8 / python3x-pyparsing

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.4.5-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python3x-setuptools

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:41.6.0-5.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python3x-six

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.12.0-10.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-asn1crypto

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.2.0-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-atomicwrites

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.3.0-8.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-pluggy

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.13.0-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-attrs

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:19.3.0-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-cffi

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.13.2-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-chardet

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:3.0.4-19.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-cryptography

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8-3.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-cryptography

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-idna

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8-6.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-jinja2

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.10.3-5.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-lxml

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:4.4.1-7.module+el8.6.0+794+eba84017

Rocky Linux:8 / python-markupsafe

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.1.1-6.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-more-itertools

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:7.2.0-5.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-packaging

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:19.2-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-ply

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:3.11-10.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-psutil

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:5.6.4-4.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-psycopg2

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8.4-4.module+el8.6.0+794+eba84017

Rocky Linux:8 / python-psycopg2

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8.4-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-py

Package

Name
python-py

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.8.0-8.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-pycparser

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.19-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / pytz

Package

Name
pytz

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2019.3-3.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-PyMySQL

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.10.1-1.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-PyMySQL

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.10.1-1.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-pysocks

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.7.1-4.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-requests

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.22.0-9.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-urllib3

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.25.7-5.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / python-wcwidth

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.1.7-16.module+el8.4.0+570+c2eaf144

Rocky Linux:8 / python-wheel

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:0.33.6-6.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / PyYAML

Package

Name
PyYAML

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:5.4.1-1.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / PyYAML

Package

Name
PyYAML

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:5.4.1-1.module+el8.4.0+574+843c4898

Rocky Linux:8 / scipy

Package

Name
scipy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.3.1-4.module+el8.5.0+672+ab6eb015

Rocky Linux:8 / scipy

Package

Name
scipy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.3.1-4.module+el8.4.0+570+c2eaf144