[ALSA-2021:4162] Moderate: python38:3.8 and python38-devel:3.8 security update
Type:
security
Severity:
moderate
Release date:
2021-11-09
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python-psutil: Double free because of refcount mishandling (CVE-2019-18874) * python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493) * python: Information disclosure via pydoc (CVE-2021-3426) * python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771) * python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336) * python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS (CVE-2021-28957) * python-ipaddress: Improper input validation of octal strings (CVE-2021-29921) * python-urllib3: ReDoS in the parsing of authority part of URL (CVE-2021-33503) * python-pip: Incorrect handling of unicode separators in git references (CVE-2021-3572) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 python38-markupsafe-1.1.1-6.module_el8.6.0+2778+cd494b30.aarch64.rpm 3f488db760321468941121cb12ad0fc0e9475b3622136942dcd630cffd24e58b
aarch64 python38-pyyaml-5.4.1-1.module_el8.6.0+2778+cd494b30.aarch64.rpm 4f076f8068434440b2f5d4e3d4f77d1f4b6207626d2f23a04c6a01522ff23ac5
aarch64 python38-psutil-5.6.4-4.module_el8.6.0+2778+cd494b30.aarch64.rpm 6f9de9137566a128895b2ab39744217451977a1afd34d187cb54bf607946f459
aarch64 python38-numpy-f2py-1.17.3-6.module_el8.6.0+2778+cd494b30.aarch64.rpm 6fc01ad69ab3ae9c60dad8a7e22220072cbd24c5495cd0158e8d22c7e3471dfc
aarch64 python38-scipy-1.3.1-4.module_el8.6.0+2778+cd494b30.aarch64.rpm 7a8f643660f230b6d5a8d0f3292141748a5c38bc3030e618f6f103c63af0f44f
aarch64 python38-Cython-0.29.14-4.module_el8.6.0+2778+cd494b30.aarch64.rpm a4e1d3d54e2a12f52aab2227978ee9e0a7af759c5d2e2564214321c648ef9ae5
aarch64 python38-psycopg2-2.8.4-4.module_el8.6.0+2778+cd494b30.aarch64.rpm b2e43444b2dabaa46628615d6263e07945d5eb190e4af36952cfb19c511d4864
aarch64 python38-mod_wsgi-4.6.8-3.module_el8.6.0+2778+cd494b30.aarch64.rpm b323ee37330a883fc856e013571f5135df2fb8713757dd2590096cde7bd6614f
aarch64 python38-cffi-1.13.2-3.module_el8.6.0+2778+cd494b30.aarch64.rpm b40a44d392b221398be147937cdf5987d0f3d4e8bfec2e1e3a55271aafe281d8
aarch64 python38-cryptography-2.8-3.module_el8.6.0+2778+cd494b30.aarch64.rpm bf72b57867e7b5e38597ff7d7cd4c14a8f5917cabef72b72aa927ddf62cd84f6
aarch64 python38-psycopg2-doc-2.8.4-4.module_el8.6.0+2778+cd494b30.aarch64.rpm c4a25a77c5201ef4da0194f13891bae13417ab45a23def0e8b7e9cbd09966f7a
aarch64 python38-psycopg2-tests-2.8.4-4.module_el8.6.0+2778+cd494b30.aarch64.rpm eba86f1d719f3bf1b524322a7ef1f22f20a539a644c465831f8e3e102a5176bb
aarch64 python38-numpy-1.17.3-6.module_el8.6.0+2778+cd494b30.aarch64.rpm ff2cacf645aae68b3a20840f3dc0fd2255a04eeac436559c0f5adec71ccd448f
noarch python38-asn1crypto-1.2.0-3.module_el8.6.0+2778+cd494b30.noarch.rpm 02dd00e439241ec1b0a1151948e9445a82f9eecf9740cd9e21f365ddd0dce291
noarch python38-attrs-19.3.0-3.module_el8.6.0+2778+cd494b30.noarch.rpm 09a1d9e4a52965982dfc1fa8ba2beba109e069f6a9f9223d0d37b873326924c4
noarch python38-urllib3-1.25.7-5.module_el8.6.0+2778+cd494b30.noarch.rpm 1c854cd02b9b9f3312264296a6fbb6911ba465792d64fd2cbf97a5a01a253d26
noarch python38-pycparser-2.19-3.module_el8.6.0+2778+cd494b30.noarch.rpm 323e4624b4a15564a85ebcbfd841409d1642e4623ee4ec2d3aed59bc7e1ab829
noarch python38-chardet-3.0.4-19.module_el8.6.0+2778+cd494b30.noarch.rpm 3fa07e33c9abbda7289a9afec9ed4b0923a21b740c5011f4111055590466435a
noarch python38-wheel-wheel-0.33.6-6.module_el8.6.0+2778+cd494b30.noarch.rpm 3fe0327ebce820b6d26c55b284ec7cabcd5d27d70ee5a310db62c6cee6680e86
noarch python38-six-1.12.0-10.module_el8.6.0+2778+cd494b30.noarch.rpm 64fccef78c9117d67f1dd91023f2e52a5dea26b59b342b4ab5244642d3fb443d
noarch python38-atomicwrites-1.3.0-8.module_el8.6.0+2778+cd494b30.noarch.rpm 6fa7f83a90370f540823655ca6cdb8b607b3b9ad24e2e3ad588f8c0e5a1a16c4
noarch python38-packaging-19.2-3.module_el8.6.0+2778+cd494b30.noarch.rpm 70ba602e2104c884d8da57b6eddb6050293b3718e0bde793fb7435307eaba5fe
noarch python38-babel-2.7.0-11.module_el8.6.0+2778+cd494b30.noarch.rpm 83c708a32e8f1f3384ef61a65e81536ba1a3dd654c7db21ca2e6fb33f6fe5277
noarch python38-py-1.8.0-8.module_el8.6.0+2778+cd494b30.noarch.rpm 9d8d83305122a064931b9f29ad88f4420065574cc5c76c182be95f7985264011
noarch python38-wcwidth-0.1.7-16.module_el8.6.0+2778+cd494b30.noarch.rpm acd987c1295ff57494b53c8f0333dcb6393e23302e0bf4943980602d2d632d71
noarch python38-wheel-0.33.6-6.module_el8.6.0+2778+cd494b30.noarch.rpm bc0227adb0fc8a67582fa1e63bc325475c24d3079f987c24985c7e1c60e2683b
noarch python38-pyparsing-2.4.5-3.module_el8.6.0+2778+cd494b30.noarch.rpm bde2f98bc679be8f8021723e792d3b80d6e747ef4d13c8df7683e711231b5746
noarch python38-jinja2-2.10.3-5.module_el8.6.0+2778+cd494b30.noarch.rpm bec5246952e7c06cdf9668cddbaf25ef126455e0c23c58709f2390b31a4e26ed
noarch python38-pluggy-0.13.0-3.module_el8.6.0+2778+cd494b30.noarch.rpm c086f05742550f66c5900a95559cff1f359ff15e9d993e2e6b2273d832dc4e53
noarch python38-ply-3.11-10.module_el8.6.0+2778+cd494b30.noarch.rpm c9e329fc07bf0783b7fe9856872d89b8585935f0b0796d9644bd9180e856ee0e
noarch python38-pytest-4.6.6-3.module_el8.6.0+2778+cd494b30.noarch.rpm e6012b9ccafd25bbaedf217b12e8a334efce23d6d66ed94ee4292ad0e563bf3d
noarch python38-PyMySQL-0.10.1-1.module_el8.6.0+2778+cd494b30.noarch.rpm ea7ab6e644af54dd1c7b612565016c4fbc5a3971de5086cf83c96544fb234007
noarch python38-numpy-doc-1.17.3-6.module_el8.6.0+2778+cd494b30.noarch.rpm ed0bf353f1c8dde52a1ca4878bfeecc59da8efe63cdd1d8169f19be49d7f3e10
noarch python38-setuptools-wheel-41.6.0-5.module_el8.6.0+2778+cd494b30.noarch.rpm ed63488c6203e053f99e3bdf9b49d2af17d3f4ca0f9d1462e6cca591f123e806
noarch python38-requests-2.22.0-9.module_el8.6.0+2778+cd494b30.noarch.rpm f0aae6da0c3adc1ce2afc8002e1de2085429c2f1251e8a1b0a4ba94868e10e74
noarch python38-idna-2.8-6.module_el8.6.0+2778+cd494b30.noarch.rpm f2a5e3f36b6b6dcfb406a36e33d0cb2a5ccecdb58f6ad2b6ef2be364fbc98eb6
noarch python38-more-itertools-7.2.0-5.module_el8.6.0+2778+cd494b30.noarch.rpm f40c2a878b1c1df38da0c4a0671d1d7ab8a487c6434426e9b63641adad1d5b04
noarch python38-pytz-2019.3-3.module_el8.6.0+2778+cd494b30.noarch.rpm f7e39d7913177c47998e2b3a6be29a29cb15561a3baad01deb9754a388c3762f
noarch python38-pysocks-1.7.1-4.module_el8.6.0+2778+cd494b30.noarch.rpm fc640ac497749830a68c783a3d77e3d53ac14c9c72fb74ec533f5f12c0a6c05e
noarch python38-setuptools-41.6.0-5.module_el8.6.0+2778+cd494b30.noarch.rpm ff19d2d739de077948f84bd9464b47f894f00ef116a40e8be06a7d2e5d3c11e2
ppc64le python38-psutil-5.6.4-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm 197f3f71a95fb6bc9ce11fe474cb27938c0baeca94471f16d1db110577520dfc
ppc64le python38-pyyaml-5.4.1-1.module_el8.6.0+2778+cd494b30.ppc64le.rpm 23a40fed9f889a4d596b2fbfd1d35fcea4ef85cfd1f8d166d041a8479bfa9add
ppc64le python38-psycopg2-doc-2.8.4-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm 6b34bcec0c6e1da96fe43fe20f534fe61aa21e50a7a13eecbf996edfb1e5657f
ppc64le python38-mod_wsgi-4.6.8-3.module_el8.6.0+2778+cd494b30.ppc64le.rpm 883dd4bcf9997e0b060d790e78bff647e3bb656ac71d76493674d4c72188f0ff
ppc64le python38-numpy-f2py-1.17.3-6.module_el8.6.0+2778+cd494b30.ppc64le.rpm 88ba6b8efa29c7bf8086da3ef9b3702b8ef6eb484a380d29f94a9f87d827aae9
ppc64le python38-numpy-1.17.3-6.module_el8.6.0+2778+cd494b30.ppc64le.rpm 9c98e475fe7b98c5d948c6dde94633ce83079c400e84a587b1bddf5958852556
ppc64le python38-psycopg2-tests-2.8.4-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm a63dae7824cfc6b625ef07bc19027688e2262692635a0b8c8da25056c481a332
ppc64le python38-cffi-1.13.2-3.module_el8.6.0+2778+cd494b30.ppc64le.rpm aacfd9bd3cb4495f4aa594caf7f03479bad0827a1c5df7ea251be34ca7263ba9
ppc64le python38-cryptography-2.8-3.module_el8.6.0+2778+cd494b30.ppc64le.rpm bd9fcf4ac2ab77d536a7f6bc32ac933d088c0db36817f4ce1c8c09c81c2f4ee6
ppc64le python38-psycopg2-2.8.4-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm d20742d1f385d2570868b45daa29370a34dddbaad00a8fd61437de89094b0b59
ppc64le python38-Cython-0.29.14-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm d5ab0324cb57894c65ae8e4b7ac04ae711cfcdecdea5234dff3317ed69ff4f3d
ppc64le python38-scipy-1.3.1-4.module_el8.6.0+2778+cd494b30.ppc64le.rpm d6dde26d35cd675b4a2d552cb2bbf0d8d353b6b25ca6f7d1c77e43a9fcea98d2
ppc64le python38-markupsafe-1.1.1-6.module_el8.6.0+2778+cd494b30.ppc64le.rpm f6f0cd84192980d972315452158fa711e7275cffa13574cdd8d0fabad40c4aa9
x86_64 python38-psycopg2-tests-2.8.4-4.module_el8.6.0+2778+cd494b30.x86_64.rpm 297774bf7efc03efb275822cce163f78569c2096af6cf968fbed9111e10bb77b
x86_64 python38-psycopg2-doc-2.8.4-4.module_el8.6.0+2778+cd494b30.x86_64.rpm 42c503c28d2094d6f714411f460927b51d0c3eceb2e9b94ad6701866f5d1d44a
x86_64 python38-psutil-5.6.4-4.module_el8.6.0+2778+cd494b30.x86_64.rpm 43f0cf508c339bd5ed741ad46edab2a7b695c42d0f2eec277925779a7b7ae67c
x86_64 python38-scipy-1.3.1-4.module_el8.6.0+2778+cd494b30.x86_64.rpm 72fe569372b560af7f09419c45e25f9c8c62b1886de2d475a48692f294e720d2
x86_64 python38-psycopg2-2.8.4-4.module_el8.6.0+2778+cd494b30.x86_64.rpm 7e8562f43621449635453ceb19beba2b4e4cdfc4bbc6201326dc733b4a7798cd
x86_64 python38-numpy-1.17.3-6.module_el8.6.0+2778+cd494b30.x86_64.rpm 8259846bae159f9d4b29ca89e88d550cf4ea23464c09fd2cb0659322abacaf80
x86_64 python38-markupsafe-1.1.1-6.module_el8.6.0+2778+cd494b30.x86_64.rpm 83c18e67f826f15390dab196aabb0383434f863553f3b1ca841fee8c38e18695
x86_64 python38-cffi-1.13.2-3.module_el8.6.0+2778+cd494b30.x86_64.rpm a1283a30a43e0310e0bc23723857fe56c9a1e6cd2c78050acd27a6159037e385
x86_64 python38-mod_wsgi-4.6.8-3.module_el8.6.0+2778+cd494b30.x86_64.rpm c7ecf3d670eaf8d8047cbd0e7407880b4bac1de2f76b35d5690e75690f678efd
x86_64 python38-cryptography-2.8-3.module_el8.6.0+2778+cd494b30.x86_64.rpm cdc102a8338bcf5d4c9681345a1243cc0bcc0893fba2cf1ef9ca6c14e38dd566
x86_64 python38-Cython-0.29.14-4.module_el8.6.0+2778+cd494b30.x86_64.rpm ce45d8d4e62578be39bc2fad0cf25b5af26abdd28ebf45bdd239ebc95c9f49f1
x86_64 python38-pyyaml-5.4.1-1.module_el8.6.0+2778+cd494b30.x86_64.rpm d556419223e2c29c55481dd1bec71ef71e02552baaeac68ceb5629d027df0eba
x86_64 python38-numpy-f2py-1.17.3-6.module_el8.6.0+2778+cd494b30.x86_64.rpm e2cdf8c53692bf0694d877cbb36b36ffb21903f467137bb21fbfd523775db1c2
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.