CentOS Project, CESA-2020:3869
Oct 20, 2020 - 6:43 p.m.

pcp, perl, python security update

2020-10-20 18:43:13
CentOS Project
lists.centos.org

CVSS2: 7.2 High

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3: 8.4 High

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.001 Low (Percentile: 20.4%)

CentOS Errata and Security Advisory CESA-2020:3869

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems.

Security Fix(es):

  • pcp: Local privilege escalation in pcp spec file %post section (CVE-2019-3695)

  • pcp: Local privilege escalation in pcp spec file through migrate_tempdirs (CVE-2019-3696)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2020-October/032868.html

Affected packages:
pcp
pcp-conf
pcp-devel
pcp-doc
pcp-export-pcp2elasticsearch
pcp-export-pcp2graphite
pcp-export-pcp2influxdb
pcp-export-pcp2json
pcp-export-pcp2spark
pcp-export-pcp2xml
pcp-export-pcp2zabbix
pcp-export-zabbix-agent
pcp-gui
pcp-import-collectl2pcp
pcp-import-ganglia2pcp
pcp-import-iostat2pcp
pcp-import-mrtg2pcp
pcp-import-sar2pcp
pcp-libs
pcp-libs-devel
pcp-manager
pcp-pmda-activemq
pcp-pmda-apache
pcp-pmda-bash
pcp-pmda-bcc
pcp-pmda-bind2
pcp-pmda-bonding
pcp-pmda-cifs
pcp-pmda-cisco
pcp-pmda-dbping
pcp-pmda-dm
pcp-pmda-docker
pcp-pmda-ds389
pcp-pmda-ds389log
pcp-pmda-elasticsearch
pcp-pmda-gfs2
pcp-pmda-gluster
pcp-pmda-gpfs
pcp-pmda-gpsd
pcp-pmda-haproxy
pcp-pmda-infiniband
pcp-pmda-json
pcp-pmda-libvirt
pcp-pmda-lio
pcp-pmda-lmsensors
pcp-pmda-logger
pcp-pmda-lustre
pcp-pmda-lustrecomm
pcp-pmda-mailq
pcp-pmda-memcache
pcp-pmda-mic
pcp-pmda-mounts
pcp-pmda-mysql
pcp-pmda-named
pcp-pmda-netfilter
pcp-pmda-news
pcp-pmda-nfsclient
pcp-pmda-nginx
pcp-pmda-nvidia-gpu
pcp-pmda-oracle
pcp-pmda-pdns
pcp-pmda-perfevent
pcp-pmda-postfix
pcp-pmda-postgresql
pcp-pmda-prometheus
pcp-pmda-redis
pcp-pmda-roomtemp
pcp-pmda-rpm
pcp-pmda-rsyslog
pcp-pmda-samba
pcp-pmda-sendmail
pcp-pmda-shping
pcp-pmda-slurm
pcp-pmda-smart
pcp-pmda-snmp
pcp-pmda-summary
pcp-pmda-systemd
pcp-pmda-trace
pcp-pmda-unbound
pcp-pmda-vmware
pcp-pmda-weblog
pcp-pmda-zimbra
pcp-pmda-zswap
pcp-selinux
pcp-system-tools
pcp-testsuite
pcp-webapi
pcp-webapp-blinkenlights
pcp-webapp-grafana
pcp-webapp-graphite
pcp-webapp-vector
pcp-webjs
pcp-zeroconf
perl-PCP-LogImport
perl-PCP-LogSummary
perl-PCP-MMV
perl-PCP-PMDA
python-pcp

Upstream details at:
https://access.redhat.com/errata/RHSA-2020:3869
