RLSA-2022:8492

Source
https://errata.rockylinux.org/RLSA-2022:8492
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2022:8492.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2022:8492
Related
Published
2022-11-16T10:10:13Z
Modified
2023-02-02T13:54:02.195161Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Important: python39:3.9 security update
Details

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • python: local privilege escalation via the multiprocessing forkserver start method (CVE-2022-42919)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8

mod_wsgi

Package

Name
mod_wsgi
Purl
pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.7.1-4.module+el8.4.0+574+843c4898

mod_wsgi

Package

Name
mod_wsgi
Purl
pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.7.1-5.module+el8.7.0+1064+ad564229

numpy

Package

Name
numpy
Purl
pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.19.4-2.module+el8.4.0+574+843c4898

numpy

Package

Name
numpy
Purl
pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.19.4-3.module+el8.5.0+673+10283621

python39

Package

Name
python39
Purl
pkg:rpm/rocky-linux/python39?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.9.13-2.module+el8.7.0+1092+55aa9635

python3x-pip

Package

Name
python3x-pip
Purl
pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:20.2.4-3.module+el8.4.0+574+843c4898

python3x-pip

Package

Name
python3x-pip
Purl
pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:20.2.4-7.module+el8.7.0+1064+ad564229

python3x-pip

Package

Name
python3x-pip
Purl
pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8-6-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:20.2.4-7.module+el8.6.0+795+de4edbcc

python3x-setuptools

Package

Name
python3x-setuptools
Purl
pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:50.3.2-3.module+el8.4.0+574+843c4898

python3x-setuptools

Package

Name
python3x-setuptools
Purl
pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:50.3.2-4.module+el8.5.0+673+10283621

python3x-six

Package

Name
python3x-six
Purl
pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.15.0-3.module+el8.4.0+574+843c4898

python-cffi

Package

Name
python-cffi
Purl
pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.14.3-2.module+el8.4.0+574+843c4898

python-chardet

Package

Name
python-chardet
Purl
pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.0.4-19.module+el8.4.0+570+c2eaf144

python-cryptography

Package

Name
python-cryptography
Purl
pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.3.1-2.module+el8.5.0+673+10283621

python-cryptography

Package

Name
python-cryptography
Purl
pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.3.1-2.module+el8.4.0+574+843c4898

python-idna

Package

Name
python-idna
Purl
pkg:rpm/rocky-linux/python-idna?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.10-3.module+el8.4.0+574+843c4898

python-lxml

Package

Name
python-lxml
Purl
pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.6.2-2.module+el8.4.0+574+843c4898

python-lxml

Package

Name
python-lxml
Purl
pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:4.6.5-1.module+el8.6.0+795+de4edbcc

python-ply

Package

Name
python-ply
Purl
pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:3.11-10.module+el8.4.0+570+c2eaf144

python-psutil

Package

Name
python-psutil
Purl
pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.8.0-4.module+el8.5.0+673+10283621

python-psutil

Package

Name
python-psutil
Purl
pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.8.0-4.module+el8.4.0+574+843c4898

python-psycopg2

Package

Name
python-psycopg2
Purl
pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.8.6-2.module+el8.6.0+795+de4edbcc

python-psycopg2

Package

Name
python-psycopg2
Purl
pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.8.6-2.module+el8.4.0+574+843c4898

python-psycopg2

Package

Name
python-psycopg2
Purl
pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8-5-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.8.6-2.module+el8.5.0+673+10283621

python-pycparser

Package

Name
python-pycparser
Purl
pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.20-3.module+el8.4.0+574+843c4898

python-PyMySQL

Package

Name
python-PyMySQL
Purl
pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.10.1-2.module+el8.4.0+597+ddf0ddea

python-PyMySQL

Package

Name
python-PyMySQL
Purl
pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.10.1-2.module+el8.4.0+574+843c4898

python-pysocks

Package

Name
python-pysocks
Purl
pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.7.1-4.module+el8.4.0+570+c2eaf144

python-requests

Package

Name
python-requests
Purl
pkg:rpm/rocky-linux/python-requests?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:2.25.0-2.module+el8.4.0+574+843c4898

python-toml

Package

Name
python-toml
Purl
pkg:rpm/rocky-linux/python-toml?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:0.10.1-5.module+el8.4.0+574+843c4898

python-urllib3

Package

Name
python-urllib3
Purl
pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.25.10-3.module+el8.4.0+574+843c4898

python-urllib3

Package

Name
python-urllib3
Purl
pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.25.10-4.module+el8.5.0+673+10283621

python-wheel

Package

Name
python-wheel
Purl
pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8-4-legacy&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.35.1-3.module+el8.4.0+574+843c4898

python-wheel

Package

Name
python-wheel
Purl
pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.35.1-4.module+el8.5.0+673+10283621

PyYAML

Package

Name
PyYAML
Purl
pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.4.1-1.module+el8.5.0+672+ab6eb015

PyYAML

Package

Name
PyYAML
Purl
pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:5.4.1-1.module+el8.4.0+574+843c4898

scipy

Package

Name
scipy
Purl
pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.5.4-3.module+el8.5.0+673+10283621

scipy

Package

Name
scipy
Purl
pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:1.5.4-3.module+el8.4.0+574+843c4898