[ALSA-2020:1605] Moderate: python27:2.7 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2020-04-28
Description:
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The following packages have been upgraded to a later upstream version: python2 (2.7.17). (BZ#1759944) Security Fix(es): * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) * python: Cookie domain check returns incorrect results (CVE-2018-20852) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) * python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python-psycopg2-doc-2.7.5-7.module_el8.6.0+2781+fed64c13.aarch64.rpm 268cb518d03ad67213b5a14751d8876f7ec3b21cdc7e9d980163b4c1b62f0155
aarch64 python2-psycopg2-debug-2.7.5-7.module_el8.6.0+2781+fed64c13.aarch64.rpm 4385e2456c28b5c9fc21ba5d7b291028e29fd4432e5ba11da0dbf7c7f4309a66
aarch64 python2-Cython-0.28.1-7.module_el8.6.0+2781+fed64c13.aarch64.rpm 4fe0221b4c60da2042adc812ae223663b8379ae638e05db9d9d016fa01597ab3
aarch64 python2-markupsafe-0.23-19.module_el8.6.0+2781+fed64c13.aarch64.rpm 63d42274de243d293e0d49e60cdd4c53eaf5d5086499cc3c260c6a7ce9a95c3a
aarch64 python2-pyyaml-3.12-16.module_el8.6.0+2781+fed64c13.aarch64.rpm 7b2a5473b6953d3f88816b6c355c19e40cd2e38f71f3b735c39bf19f5b574774
aarch64 python2-coverage-4.5.1-4.module_el8.6.0+2781+fed64c13.aarch64.rpm e1d1897770f9f0583507669aef569fc622d8c66468a88b105ad9abf86e8fd304
aarch64 python2-psycopg2-2.7.5-7.module_el8.6.0+2781+fed64c13.aarch64.rpm e9e08b7da39d8367d10d70001ec46e8494c0afb10d02174e915ff6275b5e040d
aarch64 python2-psycopg2-tests-2.7.5-7.module_el8.6.0+2781+fed64c13.aarch64.rpm f35b3393280a34d59fcb7bf772ed1c4b6ddf501b7c5ed22e680c7ddc346dc661
noarch python2-pluggy-0.6.0-8.module_el8.6.0+2781+fed64c13.noarch.rpm 08adf4c4c608ab9cfbe42ca66b8e5cdc2cf929e09998dcab11672d121b1d66d5
noarch python2-pytz-2017.2-12.module_el8.6.0+2781+fed64c13.noarch.rpm 0f6e3729104265ba4c1d4a8e9604ece1cf980f45450990e58a4a4da1dc99c142
noarch python2-rpm-macros-3-38.module_el8.6.0+2781+fed64c13.noarch.rpm 0f707f1676370cdc6d0cb6938fcafc5e36895f7eca9d6c478bef3307bcaea4bf
noarch python2-setuptools_scm-1.15.7-6.module_el8.6.0+2781+fed64c13.noarch.rpm 2708c00d2388bd78588f0d1352c95b9c18be47e8b52416df1d3026b0eecbbf98
noarch python2-docutils-0.14-12.module_el8.6.0+2781+fed64c13.noarch.rpm 350ecda34776fceaca8b89a180d5255ea8dc17443217540ba7243e2a13b53ec2
noarch python2-dns-1.15.0-10.module_el8.6.0+2781+fed64c13.noarch.rpm 4ccfd396082173299bc64629fc3e5831c5fc85b40be33f6f51723c270bb749f1
noarch python2-mock-2.0.0-13.module_el8.6.0+2781+fed64c13.noarch.rpm 537d2a427fb179e87b859dc1a4f81cabbfbd8f0dbb11c830a79f20a4b265c6d6
noarch python2-pysocks-1.6.8-6.module_el8.6.0+2781+fed64c13.noarch.rpm 579a0042752c846eaaf44726c4a801695374030dca5e55a3b01e48b0fc7b2315
noarch python2-PyMySQL-0.8.0-10.module_el8.6.0+2781+fed64c13.noarch.rpm 5e48758e9ae93f416345bca0af5004e79befa568f12f2bbea23a8360af88e490
noarch python2-attrs-17.4.0-10.module_el8.6.0+2781+fed64c13.noarch.rpm 65ed4d1e8109ab82edc3f0b452e9279d3ddcfe27829fd8c98a1d7941f5944fbb
noarch python2-pytest-mock-1.9.0-4.module_el8.6.0+2781+fed64c13.noarch.rpm 85c7e375727a8943285f198c444d52e3ec910f1de1431b170e86892d34b327d3
noarch python2-ipaddress-1.0.18-6.module_el8.6.0+2781+fed64c13.noarch.rpm 909577600262b834c5f9ccf59c4cc969e784b6b949b797599ccc3878635ed72a
noarch python2-chardet-3.0.4-10.module_el8.6.0+2781+fed64c13.noarch.rpm 92024f7522fa403c63b09c5b7ccc6ff43ae6cff21dd1d3e714b7cae19021f715
noarch python2-requests-2.20.0-3.module_el8.6.0+2781+fed64c13.noarch.rpm a204b03dadb4fe82d7b2c8c132a5d0b76b114f2ba15c2a80a04b82b6ffb4e07a
noarch python2-idna-2.5-7.module_el8.6.0+2781+fed64c13.noarch.rpm b442b9345edd3d6779e67b56c3e5fc61a4d1ba811942857ecdf8826e3909501d
noarch python2-docs-2.7.16-2.module_el8.6.0+2781+fed64c13.noarch.rpm bbf51ddf481e6a33777df9549840437bc568c58d0e18dec22b51fb8a73834cc3
noarch python2-docs-info-2.7.16-2.module_el8.6.0+2781+fed64c13.noarch.rpm c45a2a862df0e3dab50c42b3c21f555ef4943cd5ebc4178f0aef83a060535422
noarch python2-pytest-3.4.2-13.module_el8.6.0+2781+fed64c13.noarch.rpm ce317bc44c45290a853dfe8d880a7447d8819cb90077730041c79f0fbec65b61
noarch python2-py-1.5.3-6.module_el8.6.0+2781+fed64c13.noarch.rpm fcb588e2011cbee8960377755b67b2414430947af876b981e4b491298e293245
noarch python2-funcsigs-1.0.2-13.module_el8.6.0+2781+fed64c13.noarch.rpm fdd155b2957a59e67ee7a0566cb2913167afbdc764547bbbb7b5f40743fc8a9d
ppc64le python-psycopg2-doc-2.7.5-7.module_el8.6.0+2781+fed64c13.ppc64le.rpm 24446b6b2a465ac1a73b0a77a532df55732ffd01e3162419a780d0c494a52ccc
ppc64le python2-coverage-4.5.1-4.module_el8.6.0+2781+fed64c13.ppc64le.rpm 2ab8f974d1a9d6078661bf376debe33407d0e94b66f4b369347276725f29ac2e
ppc64le python2-markupsafe-0.23-19.module_el8.6.0+2781+fed64c13.ppc64le.rpm 69620e07787d40268505e00cb14e572f2dbad7b17b93a31ac49bb3a51a5a4c40
ppc64le python2-psycopg2-debug-2.7.5-7.module_el8.6.0+2781+fed64c13.ppc64le.rpm 6af22a3ee6318862fbac9c462a7fe6f1fe3118c87c9abe85dd21b93abf118229
ppc64le python2-psycopg2-2.7.5-7.module_el8.6.0+2781+fed64c13.ppc64le.rpm 76a1720e3e47e54dccd6f29a1c482db91fcc65bd23193dc22e52081bac2f6ac4
ppc64le python2-psycopg2-tests-2.7.5-7.module_el8.6.0+2781+fed64c13.ppc64le.rpm c53c4ed75c46006dd39e567f658b9d47ef795fc3c27bb6706f38b1e10add256b
ppc64le python2-pyyaml-3.12-16.module_el8.6.0+2781+fed64c13.ppc64le.rpm e09dc7672ba6ebf7515753ef1270173d710b16d5a3a2407bf26470715c02b38f
ppc64le python2-Cython-0.28.1-7.module_el8.6.0+2781+fed64c13.ppc64le.rpm e23f3293dcb3227ea70284a62b0a22a6efdb4dd006163dfe6783a3a6d19e366c
x86_64 python-psycopg2-doc-2.7.5-7.module_el8.6.0+2781+fed64c13.x86_64.rpm 0e072a71d43783a6a20af215eb1976af080661cbac8bba1d2dd8a4144644d2da
x86_64 python2-psycopg2-tests-2.7.5-7.module_el8.6.0+2781+fed64c13.x86_64.rpm 2f0a68ba40aed0431c3c3e3dfd400f50cdeed313c01b01349eb3d3a86f5caa13
x86_64 python2-pyyaml-3.12-16.module_el8.6.0+2781+fed64c13.x86_64.rpm 437bb7ba3c82271515d58f1a3169f155a6cedcf84a1fb87ff8020b2e1c48dd26
x86_64 python2-psycopg2-debug-2.7.5-7.module_el8.6.0+2781+fed64c13.x86_64.rpm 672a61a8b5eda31bc08b5c01783a88f606baf8fee4cb2ffaca8082183083a6d3
x86_64 python2-Cython-0.28.1-7.module_el8.6.0+2781+fed64c13.x86_64.rpm 67947b53184d533452458c7354bd26707265d931cc1ad91f289fbefb0f946039
x86_64 python2-markupsafe-0.23-19.module_el8.6.0+2781+fed64c13.x86_64.rpm a4d71692bac0c905d804a1edfda8ae592fa102e3983877ac4ebe2bf7516634f3
x86_64 python2-psycopg2-2.7.5-7.module_el8.6.0+2781+fed64c13.x86_64.rpm ced41fe26fbfb43b950c02fe0e7ba32143950496276b9a11d97da5cd3cb34856
x86_64 python2-coverage-4.5.1-4.module_el8.6.0+2781+fed64c13.x86_64.rpm dde557783dcf06f144efb1b8877c2b1167d178e9e59931c52fb68fc8fed8768e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.