Lucene search

K
oraclelinuxOracleLinuxELSA-2021-4160
HistoryNov 16, 2021 - 12:00 a.m.

python39:3.9 and python39-devel:3.9 security update

2021-11-1600:00:00
linux.oracle.com
31

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

mod_wsgi
[4.7.1-4]

  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [4.7.1-3]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [4.7.1-2]
  • Rebuilt for Python 3.9
    [4.7.1-1]
  • update to 4.7.1 (#1721376)
    numpy
    [1.19.4-3]
  • Adjusted the postun scriptlets to enable upgrading to RHEL 9
  • Resolves: rhbz#1933055
    [1.19.4-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1:1.19.4-1]
  • 1.19.4
    python-cffi
    [1.14.3-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1.14.3-1]
  • Update to 1.14.3
    [1.14.2-1]
  • Update to 1.14.2 (#1869032)
    [1.14.1-1]
  • Update to 1.14.1
  • Fixes: rhbz#1860698
  • Fixes: rhbz#1865276
    python-cryptography
    [3.3.1-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [3.3.1-1]
  • Update to 3.3.1 (#1905756)
    python-idna
    [2.10-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [2.10-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [2.10-1]
  • Update to 2.10 (#1851653)
    [2.9-2]
  • Rebuilt for Python 3.9
    [2.9-1]
  • Update to 2.9 (#1803654)
    python-lxml
    [4.6.2-3]
  • Security fix for CVE-2021-28957
    Resolves: rhbz#1941534
    [4.6.2-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [4.6.2-1]
  • Update to 4.6.2
  • Fixes CVE-2020-27783 and another vulnerability in the HTML Cleaner
  • Fixes: rhbz#1855415
  • Fixes: rhbz#1901634
    python-psutil
    [5.8.0-4]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [5.8.0-3]
  • Disable test_leak_mem test.
    [5.8.0-2]
  • Disable test_sensors_temperatures test.
    [5.8.0-1]
  • Update to 5.8.0. Fixes rhbz#1909321
  • Re-enable tests (skipping 2 that fail in mock).
    python-psycopg2
    [2.8.6-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [2.8.6-1]
  • Rebase to upstream version 2.8.6
    python-pycparser
    [2.20-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [2.20-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [2.20-1]
  • Update to 2.20 (#1810349)
    python-requests
    [2.25.0-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [2.25.0-1]
  • Update to 2.25.0
    python-toml
    [0.10.1-5]
  • Convert spec for python39 module in RHEL8
  • Revert usage of pyproject-rpm-macros
  • Resolves: rhbz#1877430
    [0.10.1-4]
  • Dont BR pytest-cov
    [0.10.1-3]
  • Use pyproject-rpm-macros
    [0.10.1-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [0.10.1-1]
  • Update to 0.10.1 (#1835567)
    python-urllib3
    [1.25.10-4]
  • Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
    Resolves: rhbz#1968074
    [1.25.10-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1.25.10-2]
  • Update RECENT_DATE dynamically
    [1.25.10-1]
  • Update to 1.25.10. Fixed bug #1824900
    python-wheel
    [1:0.35.1-4]
  • Adjusted the postun scriptlets to enable upgrading to RHEL 9
  • Resolves: rhbz#1933055
    [1:0.35.1-3]
  • Add back Epoch 1 to the package version because the original version with the
    epoch was available in CentOS Stream for a few days
  • Resolves: rhbz#1877430
    [1:0.35.1-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1:0.35.1-1]
  • Update to 0.35.1
  • Fixes: rhbz#1868821
    python39
    [3.9.6-2]
  • Adjusted the postun scriptlets to enable upgrading to RHEL 9
  • Resolves: rhbz#1933055
    [3.9.6-1]
  • Update to 3.9.6
  • Fix CVE-2021-29921: Improper input validation of octal strings in the ipaddress module
    Resolves: rhbz#1957458
    [3.9.2-2]
  • Security fix for CVE-2021-3426: information disclosure via pydoc
    Resolves: rhbz#1935913
    python3x-pip
    [20.2.4-6]
  • Adjusted the postun scriptlets to enable upgrading to RHEL 9
  • Resolves: rhbz#1933055
    [20.2.4-5]
  • Fix for CVE-2021-33503 Catastrophic backtracking in URL authority parser
    Resolves: rhbz#1968074
    [20.2.4-4]
  • Fix for CVE-2021-3572 - pip incorrectly handled unicode separators in git references
    Resolves: rhbz#1962856
    [20.2.4-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [20.2.4-2]
  • Disable tests and documentation in Fedora ELN (and RHEL)
    [20.2.4-1]
  • Update to 20.2.4 (#1889112)
    python3x-setuptools
    [50.3.2-4]
  • Adjusted the postun scriptlets to enable upgrading to RHEL 9
  • Resolves: rhbz#1933055
    [50.3.2-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [50.3.2-2]
  • Disable tests in Fedora ELN (and RHEL)
    [50.3.2-1]
  • Update to 50.3.2 (#1889093)
    python3x-six
    [1.15.0-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1.15.0-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [1.15.0-1]
  • Update to 1.15.0 (#1838702)
    scipy
    [1.5.4-3]
  • Specify LDFLAGS explicitly
  • Force preprocessing of Fortran sources to make annobin record proper flags
  • Resolves: rhbz#1778983 rhbz#1877430
    [1.5.4-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [1.5.4-1]
  • New upstream release 1.5.4
  • Increase test timeout, 300 seconds is not always enough
    for test_logpdf_overflow on s390x
    resolves: #1894887
    pytest
    [6.0.2-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [6.0.2-1]
  • Update to 6.0.2.
    python-iniconfig
    [1.1.1-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Revert usage of pyproject-rpm-macros
  • Remove dependency on setuptools_scm
  • Resolves: rhbz#1877430
    [1.1.1-1]
  • Update to 1.1.1 (#1888157)
    python-more-itertools
    [8.5.0-2]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [8.5.0-1]
  • Update to 8.5.0 (#1873653)
    [8.4.0-1]
  • Update to 8.4.0
  • Fixes rhbz#1778332
    python-wcwidth
    [0.2.5-3]
  • Convert from Fedora to the python39 module in RHEL8
  • Resolves: rhbz#1877430
    [0.2.5-2]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
    [0.2.5-1]
  • Update to 0.2.5 (#1850238)

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

Related for ELSA-2021-4160