Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Critical Security Update for Python39 in Red Hat Enterprise Linux 8

Calendar Nov 08, 2022 User Avatar LinuxSecurity Advisories
10 - 20 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory security update update Red Hat Enterprise python Moderate module integrity
An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: python39:3.9 and python39-devel:3.9 security update
Advisory ID:       RHSA-2022:7592-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7592
Issue date:        2022-11-08
CVE Names:         CVE-2015-20107 
====================================================================
1. Summary:

An update for the python39:3.9 and python39-devel:3.9 modules is now
available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to many
system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* python: mailcap: findmatch() function does not sanitize the second
argument (CVE-2015-20107)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.7 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2075390 - CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument
2095271 - testsuite failures caused by expat: test_minidom, test_xml_etree_c, test_xml_etree

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
PyYAML-5.4.1-1.module+el8.5.0+10613+59a13ec4.src.rpm
mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.src.rpm
numpy-1.19.4-3.module+el8.5.0+12204+54860423.src.rpm
python-PyMySQL-0.10.1-2.module+el8.4.0+9822+20bf1249.src.rpm
python-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.src.rpm
python-chardet-3.0.4-19.module+el8.4.0+9822+20bf1249.src.rpm
python-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.src.rpm
python-idna-2.10-3.module+el8.4.0+9822+20bf1249.src.rpm
python-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.src.rpm
python-ply-3.11-10.module+el8.4.0+9822+20bf1249.src.rpm
python-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.src.rpm
python-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.src.rpm
python-pycparser-2.20-3.module+el8.4.0+9822+20bf1249.src.rpm
python-pysocks-1.7.1-4.module+el8.4.0+9822+20bf1249.src.rpm
python-requests-2.25.0-2.module+el8.4.0+9822+20bf1249.src.rpm
python-toml-0.10.1-5.module+el8.4.0+9822+20bf1249.src.rpm
python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1.src.rpm
python-wheel-0.35.1-4.module+el8.5.0+12204+54860423.src.rpm
python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.src.rpm
python3x-pip-20.2.4-7.module+el8.6.0+13003+6bb2c488.src.rpm
python3x-setuptools-50.3.2-4.module+el8.5.0+12204+54860423.src.rpm
python3x-six-1.15.0-3.module+el8.4.0+9822+20bf1249.src.rpm
scipy-1.5.4-3.module+el8.4.0+9822+20bf1249.src.rpm

aarch64:
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10613+59a13ec4.aarch64.rpm
numpy-debugsource-1.19.4-3.module+el8.5.0+12204+54860423.aarch64.rpm
python-cffi-debugsource-1.14.3-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python-cryptography-debugsource-3.3.1-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python-lxml-debugsource-4.6.5-1.module+el8.6.0+13933+9cf0c87c.aarch64.rpm
python-psutil-debugsource-5.8.0-4.module+el8.4.0+9822+20bf1249.aarch64.rpm
python-psycopg2-debugsource-2.8.6-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-cffi-debuginfo-1.14.3-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-cryptography-debuginfo-3.3.1-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-debuginfo-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-debugsource-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-devel-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-idle-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-libs-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.aarch64.rpm
python39-lxml-debuginfo-4.6.5-1.module+el8.6.0+13933+9cf0c87c.aarch64.rpm
python39-mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.aarch64.rpm
python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423.aarch64.rpm
python39-numpy-debuginfo-1.19.4-3.module+el8.5.0+12204+54860423.aarch64.rpm
python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423.aarch64.rpm
python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-psutil-debuginfo-5.8.0-4.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-psycopg2-debuginfo-2.8.6-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4.aarch64.rpm
python39-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10613+59a13ec4.aarch64.rpm
python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-scipy-debuginfo-1.5.4-3.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-test-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-tkinter-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
scipy-debugsource-1.5.4-3.module+el8.4.0+9822+20bf1249.aarch64.rpm

noarch:
python39-PyMySQL-0.10.1-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-chardet-3.0.4-19.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-idna-2.10-3.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-numpy-doc-1.19.4-3.module+el8.5.0+12204+54860423.noarch.rpm
python39-pip-20.2.4-7.module+el8.6.0+13003+6bb2c488.noarch.rpm
python39-pip-wheel-20.2.4-7.module+el8.6.0+13003+6bb2c488.noarch.rpm
python39-ply-3.11-10.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-pycparser-2.20-3.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-pysocks-1.7.1-4.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-requests-2.25.0-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-rpm-macros-3.9.13-1.module+el8.7.0+15656+ffd4a257.noarch.rpm
python39-setuptools-50.3.2-4.module+el8.5.0+12204+54860423.noarch.rpm
python39-setuptools-wheel-50.3.2-4.module+el8.5.0+12204+54860423.noarch.rpm
python39-six-1.15.0-3.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-toml-0.10.1-5.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1.noarch.rpm
python39-wheel-0.35.1-4.module+el8.5.0+12204+54860423.noarch.rpm
python39-wheel-wheel-0.35.1-4.module+el8.5.0+12204+54860423.noarch.rpm

ppc64le:
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10613+59a13ec4.ppc64le.rpm
numpy-debugsource-1.19.4-3.module+el8.5.0+12204+54860423.ppc64le.rpm
python-cffi-debugsource-1.14.3-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python-cryptography-debugsource-3.3.1-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python-lxml-debugsource-4.6.5-1.module+el8.6.0+13933+9cf0c87c.ppc64le.rpm
python-psutil-debugsource-5.8.0-4.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python-psycopg2-debugsource-2.8.6-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-cffi-debuginfo-1.14.3-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-cryptography-debuginfo-3.3.1-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-debuginfo-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-debugsource-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-devel-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-idle-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-libs-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.ppc64le.rpm
python39-lxml-debuginfo-4.6.5-1.module+el8.6.0+13933+9cf0c87c.ppc64le.rpm
python39-mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.ppc64le.rpm
python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423.ppc64le.rpm
python39-numpy-debuginfo-1.19.4-3.module+el8.5.0+12204+54860423.ppc64le.rpm
python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423.ppc64le.rpm
python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-psutil-debuginfo-5.8.0-4.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-psycopg2-debuginfo-2.8.6-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4.ppc64le.rpm
python39-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10613+59a13ec4.ppc64le.rpm
python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-scipy-debuginfo-1.5.4-3.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-test-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-tkinter-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
scipy-debugsource-1.5.4-3.module+el8.4.0+9822+20bf1249.ppc64le.rpm

s390x:
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10613+59a13ec4.s390x.rpm
numpy-debugsource-1.19.4-3.module+el8.5.0+12204+54860423.s390x.rpm
python-cffi-debugsource-1.14.3-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python-cryptography-debugsource-3.3.1-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python-lxml-debugsource-4.6.5-1.module+el8.6.0+13933+9cf0c87c.s390x.rpm
python-psutil-debugsource-5.8.0-4.module+el8.4.0+9822+20bf1249.s390x.rpm
python-psycopg2-debugsource-2.8.6-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-cffi-debuginfo-1.14.3-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-cryptography-debuginfo-3.3.1-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-debuginfo-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-debugsource-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-devel-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-idle-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-libs-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.s390x.rpm
python39-lxml-debuginfo-4.6.5-1.module+el8.6.0+13933+9cf0c87c.s390x.rpm
python39-mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.s390x.rpm
python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423.s390x.rpm
python39-numpy-debuginfo-1.19.4-3.module+el8.5.0+12204+54860423.s390x.rpm
python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423.s390x.rpm
python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-psutil-debuginfo-5.8.0-4.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-psycopg2-debuginfo-2.8.6-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4.s390x.rpm
python39-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10613+59a13ec4.s390x.rpm
python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-scipy-debuginfo-1.5.4-3.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-test-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-tkinter-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
scipy-debugsource-1.5.4-3.module+el8.4.0+9822+20bf1249.s390x.rpm

x86_64:
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10613+59a13ec4.x86_64.rpm
numpy-debugsource-1.19.4-3.module+el8.5.0+12204+54860423.x86_64.rpm
python-cffi-debugsource-1.14.3-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python-cryptography-debugsource-3.3.1-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python-lxml-debugsource-4.6.5-1.module+el8.6.0+13933+9cf0c87c.x86_64.rpm
python-psutil-debugsource-5.8.0-4.module+el8.4.0+9822+20bf1249.x86_64.rpm
python-psycopg2-debugsource-2.8.6-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-cffi-debuginfo-1.14.3-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-cryptography-debuginfo-3.3.1-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-debuginfo-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-debugsource-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-devel-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-idle-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-libs-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.x86_64.rpm
python39-lxml-debuginfo-4.6.5-1.module+el8.6.0+13933+9cf0c87c.x86_64.rpm
python39-mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.x86_64.rpm
python39-numpy-1.19.4-3.module+el8.5.0+12204+54860423.x86_64.rpm
python39-numpy-debuginfo-1.19.4-3.module+el8.5.0+12204+54860423.x86_64.rpm
python39-numpy-f2py-1.19.4-3.module+el8.5.0+12204+54860423.x86_64.rpm
python39-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-psutil-debuginfo-5.8.0-4.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-psycopg2-debuginfo-2.8.6-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-psycopg2-doc-2.8.6-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-psycopg2-tests-2.8.6-2.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-pyyaml-5.4.1-1.module+el8.5.0+10613+59a13ec4.x86_64.rpm
python39-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10613+59a13ec4.x86_64.rpm
python39-scipy-1.5.4-3.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-scipy-debuginfo-1.5.4-3.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-test-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-tkinter-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
scipy-debugsource-1.5.4-3.module+el8.4.0+9822+20bf1249.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

Source:
Cython-0.29.21-5.module+el8.4.0+9822+20bf1249.src.rpm
pybind11-2.7.1-1.module+el8.6.0+12838+640e6226.src.rpm
pytest-6.0.2-2.module+el8.4.0+9822+20bf1249.src.rpm
python-attrs-20.3.0-2.module+el8.4.0+9822+20bf1249.src.rpm
python-iniconfig-1.1.1-2.module+el8.4.0+9822+20bf1249.src.rpm
python-more-itertools-8.5.0-2.module+el8.4.0+9822+20bf1249.src.rpm
python-packaging-20.4-4.module+el8.4.0+9822+20bf1249.src.rpm
python-pluggy-0.13.1-3.module+el8.4.0+9822+20bf1249.src.rpm
python-py-1.10.0-1.module+el8.4.0+9822+20bf1249.src.rpm
python-wcwidth-0.2.5-3.module+el8.4.0+9822+20bf1249.src.rpm
python3x-pyparsing-2.4.7-5.module+el8.4.0+9822+20bf1249.src.rpm

aarch64:
Cython-debugsource-0.29.21-5.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-Cython-debuginfo-0.29.21-5.module+el8.4.0+9822+20bf1249.aarch64.rpm
python39-debug-3.9.13-1.module+el8.7.0+15656+ffd4a257.aarch64.rpm
python39-pybind11-2.7.1-1.module+el8.6.0+12838+640e6226.aarch64.rpm
python39-pybind11-devel-2.7.1-1.module+el8.6.0+12838+640e6226.aarch64.rpm

noarch:
python39-attrs-20.3.0-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-iniconfig-1.1.1-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-more-itertools-8.5.0-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-packaging-20.4-4.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-pluggy-0.13.1-3.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-py-1.10.0-1.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-pyparsing-2.4.7-5.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-pytest-6.0.2-2.module+el8.4.0+9822+20bf1249.noarch.rpm
python39-wcwidth-0.2.5-3.module+el8.4.0+9822+20bf1249.noarch.rpm

ppc64le:
Cython-debugsource-0.29.21-5.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-Cython-debuginfo-0.29.21-5.module+el8.4.0+9822+20bf1249.ppc64le.rpm
python39-debug-3.9.13-1.module+el8.7.0+15656+ffd4a257.ppc64le.rpm
python39-pybind11-2.7.1-1.module+el8.6.0+12838+640e6226.ppc64le.rpm
python39-pybind11-devel-2.7.1-1.module+el8.6.0+12838+640e6226.ppc64le.rpm

s390x:
Cython-debugsource-0.29.21-5.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-Cython-debuginfo-0.29.21-5.module+el8.4.0+9822+20bf1249.s390x.rpm
python39-debug-3.9.13-1.module+el8.7.0+15656+ffd4a257.s390x.rpm
python39-pybind11-2.7.1-1.module+el8.6.0+12838+640e6226.s390x.rpm
python39-pybind11-devel-2.7.1-1.module+el8.6.0+12838+640e6226.s390x.rpm

x86_64:
Cython-debugsource-0.29.21-5.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-Cython-0.29.21-5.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-Cython-debuginfo-0.29.21-5.module+el8.4.0+9822+20bf1249.x86_64.rpm
python39-debug-3.9.13-1.module+el8.7.0+15656+ffd4a257.x86_64.rpm
python39-pybind11-2.7.1-1.module+el8.6.0+12838+640e6226.x86_64.rpm
python39-pybind11-devel-2.7.1-1.module+el8.6.0+12838+640e6226.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2015-20107
https://access.redhat.com/security/updates/classification#moderate
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.7_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY2pSctzjgjWX9erEAQgiGQ//V4m/nbECoCdVhPO3pHwMQljQRDiuU51c
R4kZ3AdTymu+8Fq5/T4P4VIUCDdD00RJj3EmtF6gMBG66wEC2pcHTnbnvqvd77dB
AOQp4ORyOzkgs/lgkmmJPVYKk9NdHE+kE3FqsblQA/q4Xy5ToW75RKpWzz8EOr2r
oZf6u1/DKzoO0AW/HRAU6IELRZ8ldT2AQMFnkc2tIdbxGf9A9r3liTS/maoTON6r
FBiQO6oriwR/XsLmXrOkBMwTxzhGMZz6snla4ZFBDS0iM86C6wUQVEcNUS6camm9
LJJOBxqG9mbgDrfwNPkUPLpU8cNbXS6JtVsaNKpHNoiYSWA5czmZGYmDvZsL2NKG
Ue/onFA3PIpYZZi890pSPU8083UU9QO9s1ppxhHk9y7MQVgorSlARoDOqgysJaLs
Jiwn4sY8GU1MqZM6250/Caabc0ORFEC8OXHKqYg7s2rPLT9MsoFGo1d4e0jcZi2H
S+p9soeN5oTEiQGFXwV/kdFhR0gSyBZ95F6vnxlZ0vnQ2i5JKvFSEci/wBSEYZWt
XpYDrmAQ7J6q9eHuG/9h8zmZTvZz1eS0QIqeyWGz+VI7yb7eQEz3m3u0qqbcIxcG
c6xzyezH2805bgXPqq7jq5egOyRfMrCmvjo8L6s4dZJ7yGb9prJhrOovUn23F0Ld
EpSQ+iRc1m4=ATee
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Critical Security Update for Python39 in Red Hat Enterprise Linux 8

red hat
Calendar Grey November 8, 2022
Dist Redhat Esm H88
A minor security patch for python39 and python39-devel packages has been released for Red Hat Enterprise Linux 8.
An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Topics%20covered

Topics Covered

security advisory security update update Red Hat Enterprise python Moderate module integrity

References

https://access.redhat.com/security/cve/CVE-2015-20107 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.7_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: PyYAML-5.4.1-1.module+el8.5.0+10613+59a13ec4.src.rpm mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f.src.rpm numpy-1.19.4-3.module+el8.5.0+12204+54860423.src.rpm python-PyMySQL-0.10.1-2.module+el8.4.0+9822+20bf1249.src.rpm python-cffi-1.14.3-2.module+el8.4.0+9822+20bf1249.src.rpm python-chardet-3.0.4-19.module+el8.4.0+9822+20bf1249.src.rpm python-cryptography-3.3.1-2.module+el8.4.0+9822+20bf1249.src.rpm python-idna-2.10-3.module+el8.4.0+9822+20bf1249.src.rpm python-lxml-4.6.5-1.module+el8.6.0+13933+9cf0c87c.src.rpm python-ply-3.11-10.module+el8.4.0+9822+20bf1249.src.rpm python-psutil-5.8.0-4.module+el8.4.0+9822+20bf1249.src.rpm python-psycopg2-2.8.6-2.module+el8.4.0+9822+20bf1249.src.rpm python-pycparser-2.20-3.module+el8.4.0+9822+20bf1249.src.rpm python-pysocks-1.7.1-4.module+el8.4.0+9822+20bf1249.src.rpm python-requests-2.25.0-2.module+el8.4.0+9822+20bf1249.src.rpm python-toml-0.10.1-5.module+el8.4.0+9822+20bf1249.src.rpm python-urllib3-1.25.10-4.module+el8.5.0+11712+ea2d2be1.src.rpm python-wheel-0.35.1-4.module+el8.5.0+12204+54860423.src.rpm python39-3.9.13-1.module+el8.7.0+15656+ffd4a257.src.rpm python3x-pip-20.2.4-7.module+el8.6.0+13003+6bb2c488.src.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2022:7592-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7592
Issue date: 2022-11-08

Topic

An update for the python39:3.9 and python39-devel:3.9 modules is nowavailable for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory security update update Red Hat Enterprise python Moderate module integrity

Relevant Releases Architectures

Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

2075390 - CVE-2015-20107 python: mailcap: findmatch() function does not sanitize the second argument

2095271 - testsuite failures caused by expat: test_minidom, test_xml_etree_c, test_xml_etree

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here