Stay Vigilant with Timely Linux Security Advisories

security advisorydenial of servicedebian

Debian 10: DSA-5938-1 critical: tornado DoS due to logging

It was discovered that the Tornado Python web framework performed excessive logging when parsing some multipart/form-data requests, which could result in denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5938-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 06, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-tornado CVE ID : CVE-2025-47287 It was discovered that the Tornado Python web framework performed excessive logging when parsing some multipart/form-data requests, which could result in denial of service. For the stable distribution (bookworm), this problem has been fixed in version 6.2.0-3+deb12u2. We recommend that you upgrade your python-tornado packages. For the detailed security status of python-tornado please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/python-tornado Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The Flask web application framework on Ubuntu carries a critical vulnerability due to excessive session storage; an immediate update is advisable.. python tornado, debian security, service denial, logging issue, security update. . Severity: Critical. LinuxSecurity.com Team

Jun 06, 2025 •Critical Debian

security advisorydenial of servicesecurity update

Fedora 41: FEDORA-2024-396c94f0a3 Critical: Denial of Service in Django

urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-396c94f0a3 2024-09-13 20:43:08.472565 -------------------------------------------------------------------------------- Name : python-django Product : Fedora 41 Version : 4.2.16 Release : 1.fc41 URL : https://www.djangoproject.com/ Summary : A high-level Python Web framework Description : Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. -------------------------------------------------------------------------------- Update Information: urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 4 2024 Michel Lind - 4.2.16-1 - Update to version 4.2.16 - Fixes: CVE-2024-45230, RHBZ#2309746 - Sync spec improvements from python-django4.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2309746 - CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() https://bugzilla.redhat.com/show_bug.cgi?id=2309746 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-396c94f0a3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys usedby the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora Update Alert FEDORA-2024-295a84e0b2 resolves security vulnerabilities in python-django through enhancements.. python-django security update,Fedora denial-of-service vulnerability,python web framework security. . Severity: Critical. LinuxSecurity.com Team

Sep 13, 2024 •Critical Fedora

security advisorydenial of servicenetwork traffic

Django DoS Vulnerability in Ubuntu 23.04, 22.04 LTS, and 20.04 LTS

Django could be made to crash or consume resources if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-6378-1 September 18, 2023 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Django could be made to crash or consume resources if it received specially crafted network traffic. Software Description: - python-django: High-level Python web development framework Details: It was discovered that Django incorrectly handled certain URIs with a very large number of Unicode characters. A remote attacker could possibly use this issue to cause Django to consume resources or crash, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: python3-django 3:3.2.18-1ubuntu0.4 Ubuntu 22.04 LTS: python3-django 2:3.2.12-2ubuntu1.8 Ubuntu 20.04 LTS: python3-django 2:2.2.12-1ubuntu0.19 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6378-1 CVE-2023-41164 Package Information: https://launchpad.net/ubuntu/+source/python-django/3:3.2.18-1ubuntu0.4 https://launchpad.net/ubuntu/+source/python-django/2:3.2.12-2ubuntu1.8 https://launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.19 . Django on Ubuntu experiences vulnerabilities that can lead to crashes or significant resource usage due to malicious network requests.. Django Exploit, Denial Of Service, Network Traffic Vulnerability. . Severity: Important. LinuxSecurity.com Team

Sep 18, 2023 •Important Ubuntu

security advisoryupdateFedora

Fedora 34 Python-Django: 2021-01044b8a59 Moderate: Directory Traversal Fix

fix CVE-2021-31542, also fix for CVE-2021-31542. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-01044b8a59 2021-05-12 05:41:31.252350 --------------------------------------------------------------------------------Name : python-django Product : Fedora 34 Version : 3.1.9 Release : 1.fc34 URL : https://www.djangoproject.com/ Summary : A high-level Python Web framework Description : Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle. --------------------------------------------------------------------------------Update Information: fix CVE-2021-31542, also fix for CVE-2021-31542 --------------------------------------------------------------------------------ChangeLog: * Tue May 4 2021 Matthias Runge - 3.1.9-1 - fix CVE-2021-31542 --------------------------------------------------------------------------------References: [ 1 ] Bug #1944801 - CVE-2021-28658 django: potential directory-traversal via uploaded files https://bugzilla.redhat.com/show_bug.cgi?id=1944801 [ 2 ] Bug #1957455 - CVE-2021-32052 django: header injection possibility since URLValidator accepted newlines in input on Python 3.9.5+ https://bugzilla.redhat.com/show_bug.cgi?id=1957455 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-01044b8a59' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Keep updated on the latest python-django release for Fedora 34, which tackles essential vulnerabilities successfully. Discover further details within!. Fedora Python Django Security Update, Python Framework Security, Directory Traversal Fix. . LinuxSecurity.com Team

May 12, 2021 Fedora

security advisorycriticaldebian

Debian Buster DLA-2675-1 Critical: Django Directory Traversal Issue

It was discovered that there was potential directory-traversal vulnerability in Django, a popular Python-based web development framework. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2651-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb May 06, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : python-django Version : 1:1.10.7-2+deb9u13 CVE ID : CVE-2021-31542 Debian Bug : #988053 It was discovered that there was potential directory-traversal vulnerability in Django, a popular Python-based web development framework. The MultiPartParser, UploadedFile and FieldFile classes allowed directory-traversal via uploaded files with suitably crafted file names. In order to mitigate this risk, stricter basename and path sanitation is now applied. Specifically, empty file names and paths with dot segments are rejected. For Debian 9 "Stretch", this problem has been fixed in version 1:1.10.7-2+deb9u13. We recommend that you upgrade your python-django packages. For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/python-django Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Ubuntu security warns regarding python-django patch to address a remote code execution vulnerability on March 15, 2022.. Debian security, Python framework, Django update, directory traversal, security flaw. . Severity: Critical. LinuxSecurity.com Team

May 06, 2021 •Critical Debian LTS

security advisorydebianhttp splitting

Debian 8: DLA-2145-1 Moderate: Twisted HTTP Splitting Threats

It was discovered that there were a number of HTTP request splitting vulnerabilities in Twisted, an Python event-based framework for building various types of internet applications. . Package : twisted Version : 14.0.2-3+deb8u1 CVE IDs : CVE-2020-10108 CVE-2020-10109 Debian Bug : #953950 It was discovered that there were a number of HTTP request splitting vulnerabilities in Twisted, an Python event-based framework for building various types of internet applications. For more information, please see: https://bishopfox.com/blog/twisted-version-19-10-0-advisory For Debian 8 "Jessie", these issues have been fixed in twisted version 14.0.2-3+deb8u1. We recommend that you upgrade your twisted packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Regards, - -- ,'`. : :' : Chris Lamb `. `'` This email address is being protected from spambots. You need JavaScript enabled to view it. / chris-lamb.co.uk `- . Peculiar security revision: Addressing HTTP request smuggling flaws in Debian 8 infrastructures. Twisted Security, Debian LTS, Python Framework, Security Update, HTTP Threats. . LinuxSecurity.com Team

Mar 17, 2020 Debian LTS

security advisorydenial of servicedebian

Debian 8: DLA-1892-1 Critical: Flask Input Validation DoS

Flask, a micro web framework for Python contains a CWE-20: Improper Input Validation vulnerability that can result in Large amount of memory usage possibly leading to denial of service. This attack appear . Package : flask Version : 0.10.1-2+deb8u1 CVE ID : CVE-2018-1000656 Flask, a micro web framework for Python contains a CWE-20: Improper Input Validation vulnerability that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. For Debian 8 "Jessie", this problem has been fixed in version 0.10.1-2+deb8u1. We recommend that you upgrade your flask packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A recent Flask security patch resolves an input validation vulnerability that could lead to denial of service in Debian 8 systems.. flask, python framework, input validation, denial of service. . Severity: Critical. LinuxSecurity.com Team

Aug 20, 2019 •Critical Debian LTS

security advisoryred hatbug fix

Red Hat: RHSA-2019-1260-01 Important: Python27-Python Security Impact

An update for python27-python and python27-python-jinja2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: python27-python and python27-python-jinja2 security and bug fix update Advisory ID: RHSA-2019:1260-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:1260 Issue date: 2019-05-22 CVE Names: CVE-2016-10745 CVE-2018-1060 CVE-2018-1061 CVE-2018-14647 CVE-2019-9740 CVE-2019-9947 ==================================================================== 1. Summary: An update for python27-python and python27-python-jinja2 is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3.Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packages have been upgraded to a later upstream version: python27-python (2.7.16). (BZ#1709349) Security Fix(es): * python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) * python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: improper neutralization of CRLF sequences in urllib module (CVE-2019-9740) * python: improper neutralization of CRLF sequences in urllib module (CVE-2019-9947) * python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * urlsplit doesn't accept a NFKD hostname with a port number (BZ#1709329) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all applications using Jinja2 must be restarted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1549191 - CVE-2018-1060 python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib 1549192 - CVE-2018-1061 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib 1631822 - CVE-2018-14647 python: Missing salt initialization in _elementtree.c module 1688169 - CVE-2019-9740 python: improper neutralization of CRLF sequences in urllib module 1695572 - CVE-2019-9947 python: improper neutralization of CRLF sequences inurllib module 1698345 - CVE-2016-10745 python-jinja2: Sandbox escape due to information disclosure via str.format 1709349 - Update Python to 2.7.16 [rhscl-3.2.z] 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: python27-python-2.7.16-4.el6.src.rpm python27-python-jinja2-2.6-12.el6.src.rpm noarch: python27-python-jinja2-2.6-12.el6.noarch.rpm x86_64: python27-python-2.7.16-4.el6.x86_64.rpm python27-python-debug-2.7.16-4.el6.x86_64.rpm python27-python-debuginfo-2.7.16-4.el6.x86_64.rpm python27-python-devel-2.7.16-4.el6.x86_64.rpm python27-python-libs-2.7.16-4.el6.x86_64.rpm python27-python-test-2.7.16-4.el6.x86_64.rpm python27-python-tools-2.7.16-4.el6.x86_64.rpm python27-tkinter-2.7.16-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: python27-python-2.7.16-4.el6.src.rpm python27-python-jinja2-2.6-12.el6.src.rpm noarch: python27-python-jinja2-2.6-12.el6.noarch.rpm x86_64: python27-python-2.7.16-4.el6.x86_64.rpm python27-python-debug-2.7.16-4.el6.x86_64.rpm python27-python-debuginfo-2.7.16-4.el6.x86_64.rpm python27-python-devel-2.7.16-4.el6.x86_64.rpm python27-python-libs-2.7.16-4.el6.x86_64.rpm python27-python-test-2.7.16-4.el6.x86_64.rpm python27-python-tools-2.7.16-4.el6.x86_64.rpm python27-tkinter-2.7.16-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm ppc64le: python27-python-2.7.16-4.el7.ppc64le.rpm python27-python-debug-2.7.16-4.el7.ppc64le.rpm python27-python-debuginfo-2.7.16-4.el7.ppc64le.rpm python27-python-devel-2.7.16-4.el7.ppc64le.rpm python27-python-libs-2.7.16-4.el7.ppc64le.rpm python27-python-test-2.7.16-4.el7.ppc64le.rpm python27-python-tools-2.7.16-4.el7.ppc64le.rpm python27-tkinter-2.7.16-4.el7.ppc64le.rpm s390x: python27-python-2.7.16-4.el7.s390x.rpm python27-python-debug-2.7.16-4.el7.s390x.rpm python27-python-debuginfo-2.7.16-4.el7.s390x.rpm python27-python-devel-2.7.16-4.el7.s390x.rpm python27-python-libs-2.7.16-4.el7.s390x.rpm python27-python-test-2.7.16-4.el7.s390x.rpm python27-python-tools-2.7.16-4.el7.s390x.rpm python27-tkinter-2.7.16-4.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm ppc64le: python27-python-2.7.16-4.el7.ppc64le.rpm python27-python-debug-2.7.16-4.el7.ppc64le.rpm python27-python-debuginfo-2.7.16-4.el7.ppc64le.rpm python27-python-devel-2.7.16-4.el7.ppc64le.rpm python27-python-libs-2.7.16-4.el7.ppc64le.rpm python27-python-test-2.7.16-4.el7.ppc64le.rpm python27-python-tools-2.7.16-4.el7.ppc64le.rpm python27-tkinter-2.7.16-4.el7.ppc64le.rpm s390x: python27-python-2.7.16-4.el7.s390x.rpm python27-python-debug-2.7.16-4.el7.s390x.rpm python27-python-debuginfo-2.7.16-4.el7.s390x.rpm python27-python-devel-2.7.16-4.el7.s390x.rpm python27-python-libs-2.7.16-4.el7.s390x.rpm python27-python-test-2.7.16-4.el7.s390x.rpm python27-python-tools-2.7.16-4.el7.s390x.rpm python27-tkinter-2.7.16-4.el7.s390x.rpm x86_64: python27-python-2.7.16-4.el7.x86_64.rpm python27-python-debug-2.7.16-4.el7.x86_64.rpm python27-python-debuginfo-2.7.16-4.el7.x86_64.rpm python27-python-devel-2.7.16-4.el7.x86_64.rpm python27-python-libs-2.7.16-4.el7.x86_64.rpm python27-python-test-2.7.16-4.el7.x86_64.rpm python27-python-tools-2.7.16-4.el7.x86_64.rpm python27-tkinter-2.7.16-4.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm ppc64le: python27-python-2.7.16-4.el7.ppc64le.rpm python27-python-debug-2.7.16-4.el7.ppc64le.rpm python27-python-debuginfo-2.7.16-4.el7.ppc64le.rpm python27-python-devel-2.7.16-4.el7.ppc64le.rpm python27-python-libs-2.7.16-4.el7.ppc64le.rpm python27-python-test-2.7.16-4.el7.ppc64le.rpm python27-python-tools-2.7.16-4.el7.ppc64le.rpm python27-tkinter-2.7.16-4.el7.ppc64le.rpm s390x: python27-python-2.7.16-4.el7.s390x.rpm python27-python-debug-2.7.16-4.el7.s390x.rpm python27-python-debuginfo-2.7.16-4.el7.s390x.rpm python27-python-devel-2.7.16-4.el7.s390x.rpm python27-python-libs-2.7.16-4.el7.s390x.rpm python27-python-test-2.7.16-4.el7.s390x.rpm python27-python-tools-2.7.16-4.el7.s390x.rpm python27-tkinter-2.7.16-4.el7.s390x.rpm x86_64: python27-python-2.7.16-4.el7.x86_64.rpm python27-python-debug-2.7.16-4.el7.x86_64.rpm python27-python-debuginfo-2.7.16-4.el7.x86_64.rpm python27-python-devel-2.7.16-4.el7.x86_64.rpm python27-python-libs-2.7.16-4.el7.x86_64.rpm python27-python-test-2.7.16-4.el7.x86_64.rpm python27-python-tools-2.7.16-4.el7.x86_64.rpm python27-tkinter-2.7.16-4.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm ppc64le: python27-python-2.7.16-4.el7.ppc64le.rpm python27-python-debug-2.7.16-4.el7.ppc64le.rpm python27-python-debuginfo-2.7.16-4.el7.ppc64le.rpm python27-python-devel-2.7.16-4.el7.ppc64le.rpm python27-python-libs-2.7.16-4.el7.ppc64le.rpm python27-python-test-2.7.16-4.el7.ppc64le.rpm python27-python-tools-2.7.16-4.el7.ppc64le.rpm python27-tkinter-2.7.16-4.el7.ppc64le.rpm s390x: python27-python-2.7.16-4.el7.s390x.rpm python27-python-debug-2.7.16-4.el7.s390x.rpm python27-python-debuginfo-2.7.16-4.el7.s390x.rpm python27-python-devel-2.7.16-4.el7.s390x.rpm python27-python-libs-2.7.16-4.el7.s390x.rpm python27-python-test-2.7.16-4.el7.s390x.rpm python27-python-tools-2.7.16-4.el7.s390x.rpm python27-tkinter-2.7.16-4.el7.s390x.rpm x86_64: python27-python-2.7.16-4.el7.x86_64.rpm python27-python-debug-2.7.16-4.el7.x86_64.rpm python27-python-debuginfo-2.7.16-4.el7.x86_64.rpm python27-python-devel-2.7.16-4.el7.x86_64.rpm python27-python-libs-2.7.16-4.el7.x86_64.rpm python27-python-test-2.7.16-4.el7.x86_64.rpm python27-python-tools-2.7.16-4.el7.x86_64.rpm python27-tkinter-2.7.16-4.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm ppc64le: python27-python-2.7.16-4.el7.ppc64le.rpm python27-python-debug-2.7.16-4.el7.ppc64le.rpm python27-python-debuginfo-2.7.16-4.el7.ppc64le.rpm python27-python-devel-2.7.16-4.el7.ppc64le.rpm python27-python-libs-2.7.16-4.el7.ppc64le.rpm python27-python-test-2.7.16-4.el7.ppc64le.rpm python27-python-tools-2.7.16-4.el7.ppc64le.rpm python27-tkinter-2.7.16-4.el7.ppc64le.rpm s390x: python27-python-2.7.16-4.el7.s390x.rpm python27-python-debug-2.7.16-4.el7.s390x.rpm python27-python-debuginfo-2.7.16-4.el7.s390x.rpm python27-python-devel-2.7.16-4.el7.s390x.rpm python27-python-libs-2.7.16-4.el7.s390x.rpm python27-python-test-2.7.16-4.el7.s390x.rpm python27-python-tools-2.7.16-4.el7.s390x.rpm python27-tkinter-2.7.16-4.el7.s390x.rpm x86_64: python27-python-2.7.16-4.el7.x86_64.rpm python27-python-debug-2.7.16-4.el7.x86_64.rpm python27-python-debuginfo-2.7.16-4.el7.x86_64.rpm python27-python-devel-2.7.16-4.el7.x86_64.rpm python27-python-libs-2.7.16-4.el7.x86_64.rpm python27-python-test-2.7.16-4.el7.x86_64.rpm python27-python-tools-2.7.16-4.el7.x86_64.rpm python27-tkinter-2.7.16-4.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: python27-python-2.7.16-4.el7.src.rpm python27-python-jinja2-2.6-15.el7.src.rpm noarch: python27-python-jinja2-2.6-15.el7.noarch.rpm x86_64: python27-python-2.7.16-4.el7.x86_64.rpm python27-python-debug-2.7.16-4.el7.x86_64.rpm python27-python-debuginfo-2.7.16-4.el7.x86_64.rpm python27-python-devel-2.7.16-4.el7.x86_64.rpm python27-python-libs-2.7.16-4.el7.x86_64.rpm python27-python-test-2.7.16-4.el7.x86_64.rpm python27-python-tools-2.7.16-4.el7.x86_64.rpm python27-tkinter-2.7.16-4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2016-10745 https://access.redhat.com/security/cve/CVE-2018-1060 https://access.redhat.com/security/cve/CVE-2018-1061 https://access.redhat.com/security/cve/CVE-2018-14647 https://access.redhat.com/security/cve/CVE-2019-9740 https://access.redhat.com/security/cve/CVE-2019-9947 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXOU6fdzjgjWX9erEAQjKUA/9FwsyQeYy5BuWNDYPg4RHtORWz5bjJPON GvnoQJJbegyBaIW6zhkZCFj87PTdcAvMRK7P/r+HZSCzaSYqS02NtxL+bVS0s9H2 cLzUOt4UW1gylkxBV+rLKnvxwZ5gFIZUTjKcMu7BofcNMJLs+aNVuK7WiZcBEZ7D mJP3lnLflELDR5nhJ0og8s6yjop14y3MLFNsk5Y1XxZ583fWY7o2dTUu/a/SXNZl tfvFwjZBnTcMb7L/z3GVrnnTaQsgLbb8ZWMJ/s3SHpnHLLqOO2pPS1dAjamTIY8L 3W/AZQmGTD5kUdp6AUrIDMB+sz3h+DsoJcQSCK10a2wCrxJKQxI+93/ru0bUs3nU GwWPOUwbTv963twz51+J+qJyRsEjUdnuN8omzCis3KtBjyfN1xGA3rk4OQdo4TYc Ox/5RuKPuoa4NtmrWj93cq4/wAA7d+n8NEO/Rc/JZdzGGuA1DshB5YAHxw+AIMIo HIWetQFs/QvPycnZ3fwTYk4ihYk0lXMW74T3YHUZVw0K6KGZJm2vVg+dtgb+FREC SDPwuuW9uu9DoHu2eb/5kMnB8hyGEtf4c9vWGkuyCKAavrnGM7/O1vQtH3NBsgro X2hT6q5k5jW1WQukK8IKo3wFnyuCzID7BWuk643ftqKJYi5IxIvpNdQJCttv17B2 T9yl0ljR5fo=JWMk -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A significant patch for python27-python impacts Red Hat Software Collections. Explore the improvements here.. Red Hat, Python Update, Security Impact, Software Collections, Bug Fix. . Severity: Important. LinuxSecurity.com Team

May 22, 2019 •Important Red Hat

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Debian 10: DSA-5938-1 critical: tornado DoS due to logging

Fedora 41: FEDORA-2024-396c94f0a3 Critical: Denial of Service in Django

Django DoS Vulnerability in Ubuntu 23.04, 22.04 LTS, and 20.04 LTS

Fedora 34 Python-Django: 2021-01044b8a59 Moderate: Directory Traversal Fix

Debian Buster DLA-2675-1 Critical: Django Directory Traversal Issue

Debian 8: DLA-2145-1 Moderate: Twisted HTTP Splitting Threats

Debian 8: DLA-1892-1 Critical: Flask Input Validation DoS

Red Hat: RHSA-2019-1260-01 Important: Python27-Python Security Impact

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!