RLSA-2022:8492

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2022:8492

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2022:8492.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2022:8492

Related

CVE-2022-42919

Published

2022-11-16T10:10:13Z

Modified

2023-02-02T13:54:02.195161Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Important: python39:3.9 security update

Details

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:8

mod_wsgi

Package

Name: mod_wsgi
Purl: pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.7.1-4.module+el8.4.0+574+843c4898

mod_wsgi

Package

Name: mod_wsgi
Purl: pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.7.1-5.module+el8.7.0+1064+ad564229

numpy

Package

Name: numpy
Purl: pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.19.4-2.module+el8.4.0+574+843c4898

numpy

Package

Name: numpy
Purl: pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.19.4-3.module+el8.5.0+673+10283621

python39

Package

Name: python39
Purl: pkg:rpm/rocky-linux/python39?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.9.13-2.module+el8.7.0+1092+55aa9635

python3x-pip

Package

Name: python3x-pip
Purl: pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:20.2.4-3.module+el8.4.0+574+843c4898

python3x-pip

Package

Name: python3x-pip
Purl: pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:20.2.4-7.module+el8.7.0+1064+ad564229

python3x-pip

Package

Name: python3x-pip
Purl: pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:20.2.4-7.module+el8.6.0+795+de4edbcc

python3x-setuptools

Package

Name: python3x-setuptools
Purl: pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:50.3.2-3.module+el8.4.0+574+843c4898

python3x-setuptools

Package

Name: python3x-setuptools
Purl: pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:50.3.2-4.module+el8.5.0+673+10283621

python3x-six

Package

Name: python3x-six
Purl: pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.15.0-3.module+el8.4.0+574+843c4898

python-cffi

Package

Name: python-cffi
Purl: pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.14.3-2.module+el8.4.0+574+843c4898

python-chardet

Package

Name: python-chardet
Purl: pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.4-19.module+el8.4.0+570+c2eaf144

python-cryptography

Package

Name: python-cryptography
Purl: pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.3.1-2.module+el8.5.0+673+10283621

python-cryptography

Package

Name: python-cryptography
Purl: pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.3.1-2.module+el8.4.0+574+843c4898

python-idna

Package

Name: python-idna
Purl: pkg:rpm/rocky-linux/python-idna?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.10-3.module+el8.4.0+574+843c4898

python-lxml

Package

Name: python-lxml
Purl: pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.6.2-2.module+el8.4.0+574+843c4898

python-lxml

Package

Name: python-lxml
Purl: pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.6.5-1.module+el8.6.0+795+de4edbcc

python-ply

Package

Name: python-ply
Purl: pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.11-10.module+el8.4.0+570+c2eaf144

python-psutil

Package

Name: python-psutil
Purl: pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.8.0-4.module+el8.5.0+673+10283621

python-psutil

Package

Name: python-psutil
Purl: pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.8.0-4.module+el8.4.0+574+843c4898

python-psycopg2

Package

Name: python-psycopg2
Purl: pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8.6-2.module+el8.6.0+795+de4edbcc

python-psycopg2

Package

Name: python-psycopg2
Purl: pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8.6-2.module+el8.4.0+574+843c4898

python-psycopg2

Package

Name: python-psycopg2
Purl: pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8-5-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8.6-2.module+el8.5.0+673+10283621

python-pycparser

Package

Name: python-pycparser
Purl: pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.20-3.module+el8.4.0+574+843c4898

python-PyMySQL

Package

Name: python-PyMySQL
Purl: pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.10.1-2.module+el8.4.0+597+ddf0ddea

python-PyMySQL

Package

Name: python-PyMySQL
Purl: pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.10.1-2.module+el8.4.0+574+843c4898

python-pysocks

Package

Name: python-pysocks
Purl: pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.7.1-4.module+el8.4.0+570+c2eaf144

python-requests

Package

Name: python-requests
Purl: pkg:rpm/rocky-linux/python-requests?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.25.0-2.module+el8.4.0+574+843c4898

python-toml

Package

Name: python-toml
Purl: pkg:rpm/rocky-linux/python-toml?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.10.1-5.module+el8.4.0+574+843c4898

python-urllib3

Package

Name: python-urllib3
Purl: pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.25.10-3.module+el8.4.0+574+843c4898

python-urllib3

Package

Name: python-urllib3
Purl: pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.25.10-4.module+el8.5.0+673+10283621

python-wheel

Package

Name: python-wheel
Purl: pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8-4-legacy&epoch=1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.35.1-3.module+el8.4.0+574+843c4898

python-wheel

Package

Name: python-wheel
Purl: pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:0.35.1-4.module+el8.5.0+673+10283621

PyYAML

Package

Name: PyYAML
Purl: pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.4.1-1.module+el8.5.0+672+ab6eb015

PyYAML

Package

Name: PyYAML
Purl: pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.4.1-1.module+el8.4.0+574+843c4898

scipy

Package

Name: scipy
Purl: pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.5.4-3.module+el8.5.0+673+10283621

scipy

Package

Name: scipy
Purl: pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.5.4-3.module+el8.4.0+574+843c4898