ALSA-2021:4160

[ALSA-2021:4160] Moderate: python39:3.9 and python39-devel:3.9 security update

Type:

security

Severity:

moderate

Release date:

2021-11-09

Description:

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* python: Information disclosure via pydoc (CVE-2021-3426)

* python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)

* python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957)

* python-ipaddress: Improper input validation of octal strings (CVE-2021-29921)

* python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503)

* python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572)

* python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	python39-numpy-f2py-1.19.4-3.module_el8.6.0+2780+a40f65e1.aarch64.rpm	028735173d71e16034adf25fdd86012f0e2d2f58ed2186036ba532b12392d8f0
aarch64	python39-mod_wsgi-4.7.1-4.module_el8.6.0+2780+a40f65e1.aarch64.rpm	18dbc2c620fd7c15d5134a7b1f17d869ff4589a42586f37a4ea2387e8bf8b677
aarch64	python39-psycopg2-tests-2.8.6-2.module_el8.6.0+2780+a40f65e1.aarch64.rpm	29c92aa7decb87f06c5a6c7709f0e28765e669ead3b2a969a2244f1d51279f9b
aarch64	python39-cryptography-3.3.1-2.module_el8.6.0+2780+a40f65e1.aarch64.rpm	38c23593dc3854fa23e60dc3afdaca7c3b26d52c5eeae1a82b42a2ef7bcd2ffc
aarch64	python39-psutil-5.8.0-4.module_el8.6.0+2780+a40f65e1.aarch64.rpm	69c388dbbaf69e6b3cd4f75de40ff58dcb926624f4427815e0da758ae15e650f
aarch64	python39-Cython-0.29.21-5.module_el8.6.0+2780+a40f65e1.aarch64.rpm	7cf9365f247ba4b04d753924adb0b0ff680fb2db4fbcb16d8a28078b3433fec8
aarch64	python39-psycopg2-2.8.6-2.module_el8.6.0+2780+a40f65e1.aarch64.rpm	7e3f10153a12cb968fc339affa9729e2fccbc6c95a764a5c230e93cb6af85860
aarch64	python39-psycopg2-doc-2.8.6-2.module_el8.6.0+2780+a40f65e1.aarch64.rpm	ab4808b3ac95ebf5afceadacfa3f59a4cc3e41426026e47e0bd9e1e4cb31c319
aarch64	python39-pyyaml-5.4.1-1.module_el8.6.0+2780+a40f65e1.aarch64.rpm	bd69cec4b5d32072ab1ad36b845af4e82a9e505bdee9d7d2d70a8409234ba3ad
aarch64	python39-scipy-1.5.4-3.module_el8.6.0+2780+a40f65e1.aarch64.rpm	d911ca27ba07fb999320bc25d65d6106a2a5618c0f1c9e191bf94d9ddaa40b2e
aarch64	python39-cffi-1.14.3-2.module_el8.6.0+2780+a40f65e1.aarch64.rpm	daa35574cf0d12b84d723900240dd019028501344df9ebc34279ee8eba2ba516
aarch64	python39-numpy-1.19.4-3.module_el8.6.0+2780+a40f65e1.aarch64.rpm	e825258ae08adade3db36bc28b97d98147c2c585127e678f52727e8b8939afa6
noarch	python39-chardet-3.0.4-19.module_el8.6.0+2780+a40f65e1.noarch.rpm	05646c9640a93f0cae3cf9dea2954dabd7e29f8fc9afbfd6b560e4a98004b5d9
noarch	python39-urllib3-1.25.10-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	06aabd763910bfdb55f7b8f0325a9d8859a67a50d845f39fadc9096890dbf496
noarch	python39-py-1.10.0-1.module_el8.6.0+2780+a40f65e1.noarch.rpm	31ad3684d951066c0e5ca1adf44adfbe92fca7f11d24d699bf02826453774740
noarch	python39-pycparser-2.20-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	36951a3338286403ce0e088c1f19852632705e7dceef5571e5464b5c61208974
noarch	python39-pysocks-1.7.1-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	36d0f271b88893241f5dbd4c7bb8fb6c825a18aed3b1d77d8877e483dcaf9d61
noarch	python39-attrs-20.3.0-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	4d269a3a0b944d45bf1d2f564ce3b4ce62bf8cb0b5b7a65f48bfbdb51aa71007
noarch	python39-iniconfig-1.1.1-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	5cccc5f894ea3b17b1df5e99bb99b855809949fdf7f8f3e061fa2631e61fb0ca
noarch	python39-pluggy-0.13.1-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	602d3fec2dc67b10e92a29b74ddfc51f4c10fbad43ce30a9ada32ff6ee51c418
noarch	python39-more-itertools-8.5.0-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	60ea4b7acf684a487e9ffc2bc74041664231abd6cc8fc28ad48c70ffc0e27d74
noarch	python39-requests-2.25.0-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	70fefcaf18f9672157a32e4b921fdeb3ddddcf08aff788bfe9f3d94b1af167a6
noarch	python39-idna-2.10-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	9b2cb5e6fb4ad66c6e6913569625783736fb84e6361b4e1a6ca777039dedd11f
noarch	python39-packaging-20.4-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	9b63b5835997d76ab33ce36967c3343760cf8bb214c80a8f5293295bd1610b8e
noarch	python39-numpy-doc-1.19.4-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	a536afb6c681d3c12afcc479fe84dada68372d9502bbc9396fdd296620a6a648
noarch	python39-wheel-0.35.1-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	aeba35b86a5db0f9131e0e258b2d5882206fc640b56bdf7beb9497191b8941ed
noarch	python39-wcwidth-0.2.5-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	b9980a6271bea04e8c9d539f0eeb20bdf5136d9b935c76c7bf3230c7ac98b72b
noarch	python39-toml-0.10.1-5.module_el8.6.0+2780+a40f65e1.noarch.rpm	bd68deb2acd20331dd71a07c97a2fec809ec50d67d832edb6d90346ae441ca9a
noarch	python39-six-1.15.0-3.module_el8.6.0+2780+a40f65e1.noarch.rpm	c0cabab4e96d5743180aaea757f23055acc7a325f00a856c7d685c250ce68b5e
noarch	python39-wheel-wheel-0.35.1-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	c3c6df124b0b18855dc4e5d6afc893e3112a98615f540bd7b651f8e7988ba8b2
noarch	python39-setuptools-50.3.2-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	d5b7ac46f04cfefe6d865feb17b059588ebde0ace6783edfce048c3d7a3577ae
noarch	python39-pytest-6.0.2-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	d6d1c9fd2ac0f9ba54380b3e7f3ddf2011b42ba33b109cfffc5b70a18d4b158a
noarch	python39-setuptools-wheel-50.3.2-4.module_el8.6.0+2780+a40f65e1.noarch.rpm	d9096bc24ef73fb8f6afaf3a85b96011b2be8b3ef4c1d463faa2c10d5c7f0d6d
noarch	python39-ply-3.11-10.module_el8.6.0+2780+a40f65e1.noarch.rpm	e134e4d0a7d44ab24b28a9e5de2d8c186f5596c5f0c588bea2770d3225acf63c
noarch	python39-PyMySQL-0.10.1-2.module_el8.6.0+2780+a40f65e1.noarch.rpm	f81237c27d6ab23aae04cf6251a21605834a254438d5d936e4d68567d13579e7
noarch	python39-pyparsing-2.4.7-5.module_el8.6.0+2780+a40f65e1.noarch.rpm	f9013127699823e76dc190f97809045e6b455fcdd5a7e4fa95d947c7888a3111
ppc64le	python39-Cython-0.29.21-5.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	10e1046b03c9ceccdc5628fc6801c0bdec1d5a67c80fbe682f9701ac0f35ab92
ppc64le	python39-cffi-1.14.3-2.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	2b8f3b42f2cbb5063aa272ac70e7554e9fdb87ef531f58ebb51b938decd94520
ppc64le	python39-numpy-f2py-1.19.4-3.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	477faa749470d164d4e50b9219dcf0a9fa84f77ed9f9070e96cfd3e362b618f2
ppc64le	python39-cryptography-3.3.1-2.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	50c0be5166cb559c6c91569960eaa0bffa5b5f3f1060ddb17986c48b9e4b70ca
ppc64le	python39-mod_wsgi-4.7.1-4.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	607663f84b5d8dd005b12e892ae73963c7b1e72c75d65e03a8851fe492642b65
ppc64le	python39-scipy-1.5.4-3.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	6830d8a8c41ae1e65c5b4cfaf0e67d6d485fb80525c428b86a6556a340713692
ppc64le	python39-psutil-5.8.0-4.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	6e7a1a421eb125722729c63123dec3021da2bedcc7d89896dbe1c4d476d97be5
ppc64le	python39-pyyaml-5.4.1-1.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	817d92a6166b4129c852b37a30b0664a11de2c17b624d6fb6f39df5f002ede77
ppc64le	python39-numpy-1.19.4-3.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	99a16bc7c9736653791ed1ba29f10b80e39056ca0b8537774678db706adcc4f0
ppc64le	python39-psycopg2-tests-2.8.6-2.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	c47e7edba490d20b82bdea63b8ed31f885cf80cb6cc92a9430f486f6239ff08c
ppc64le	python39-psycopg2-2.8.6-2.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	eec2f5cf7fee95a2b032b99edd25dae21feb6073cdd1e6b5265c48de358b79af
ppc64le	python39-psycopg2-doc-2.8.6-2.module_el8.6.0+2780+a40f65e1.ppc64le.rpm	f9075526c9244bca0cb1394e9543039aae2ff4febb1f98ffcd02d6d66c602264
x86_64	python39-cffi-1.14.3-2.module_el8.6.0+2780+a40f65e1.x86_64.rpm	0bebb703b97bc003b7410d9a7c52653c37edb819b63f0e31aeea26a6ad068cf6
x86_64	python39-mod_wsgi-4.7.1-4.module_el8.6.0+2780+a40f65e1.x86_64.rpm	0d1adcf81e376582b3a5e1700ef3c2a8a7ceef385001af649e58f00ce817d3e3
x86_64	python39-numpy-1.19.4-3.module_el8.6.0+2780+a40f65e1.x86_64.rpm	25d13a7de4b8e082fc31a296afbc5e9d95f5fc5200b5c7f74c24816361d211f4
x86_64	python39-pyyaml-5.4.1-1.module_el8.6.0+2780+a40f65e1.x86_64.rpm	268de852619c100cfddaa6542083248fb9f044404e4cb1c10182b1bbb38c75cc
x86_64	python39-cryptography-3.3.1-2.module_el8.6.0+2780+a40f65e1.x86_64.rpm	46be8c802e9c79a67b72f38e18af68c52c559bf60dc854be2b92bd1d9c4abdd8
x86_64	python39-Cython-0.29.21-5.module_el8.6.0+2780+a40f65e1.x86_64.rpm	547cbfc64c87d7032f1da548964f9dfa971957a97a952ededf29fdd7cdd56ea5
x86_64	python39-psycopg2-2.8.6-2.module_el8.6.0+2780+a40f65e1.x86_64.rpm	565d459389fd84f812a2907f1cbb8448c47a16f9970fc5b0c3191b97d5852486
x86_64	python39-scipy-1.5.4-3.module_el8.6.0+2780+a40f65e1.x86_64.rpm	71b2e10abd75014c0f56194ac4f1190bbc11a69e77b21b7ca5835e3ac12b554e
x86_64	python39-psycopg2-tests-2.8.6-2.module_el8.6.0+2780+a40f65e1.x86_64.rpm	ae7f66850f3691018078b1ab5eda5b38674177557af5c9bf4877df512f0cba6e
x86_64	python39-psycopg2-doc-2.8.6-2.module_el8.6.0+2780+a40f65e1.x86_64.rpm	c3dbe3e175a3eb0ebae69e52dabde46ac22d02f6ad81ad557ae1fb4c242fa7b0
x86_64	python39-psutil-5.8.0-4.module_el8.6.0+2780+a40f65e1.x86_64.rpm	cdaad571b2a3963e814edf94ab46b07819f3e7ec0dc2508f5bcdcd35cba1327a
x86_64	python39-numpy-f2py-1.19.4-3.module_el8.6.0+2780+a40f65e1.x86_64.rpm	e5d0b9377327a8abe75bb74764100d5cd15ea9e98c6807bf68ef67a93a4dd311

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.