AlmaLinux 2324 Published by

A python38:3.8 security update has been released for AlmaLinux.



ALSA-2021:1879 Moderate: python38:3.8 security update


Type:
security

Severity:
moderate

Release date:
2021-05-18

Description
Security Fix(es):
* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)
* python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
CVE-2020-26116
CVE-2020-27783
CVE-2021-3177

Updates packages:
python38-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-Cython-0.29.14-4.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-PyMySQL-0.10.1-1.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-asn1crypto-1.2.0-3.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-babel-2.7.0-10.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-cffi-1.13.2-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-chardet-3.0.4-19.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-cryptography-2.8-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-debug-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-devel-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-idle-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-idna-2.8-6.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-jinja2-2.10.3-4.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-libs-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-lxml-4.4.1-5.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-markupsafe-1.1.1-6.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-mod_wsgi-4.6.8-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-numpy-1.17.3-5.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-numpy-doc-1.17.3-5.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-numpy-f2py-1.17.3-5.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-pip-19.3.1-1.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-pip-wheel-19.3.1-1.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-ply-3.11-10.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-psutil-5.6.4-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-psycopg2-2.8.4-4.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-psycopg2-doc-2.8.4-4.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-psycopg2-tests-2.8.4-4.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-pycparser-2.19-3.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-pysocks-1.7.1-4.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-pytz-2019.3-3.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-pyyaml-5.3.1-1.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-requests-2.22.0-9.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-rpm-macros-3.8.6-3.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-scipy-1.3.1-4.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-setuptools-41.6.0-4.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-setuptools-wheel-41.6.0-4.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-six-1.12.0-10.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-test-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-tkinter-3.8.6-3.module_el8.4.0+2181+8e86ab84.x86_64.rpm
python38-urllib3-1.25.7-4.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-wheel-0.33.6-5.module_el8.4.0+2181+8e86ab84.noarch.rpm
python38-wheel-wheel-0.33.6-5.module_el8.4.0+2181+8e86ab84.noarch.rpm

Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2021:1879 Moderate: python38:3.8 security update