Lucene search

K
oraclelinuxOracleLinuxELSA-2022-1821
HistoryMay 17, 2022 - 12:00 a.m.

python27:2.7 security update

2022-05-1700:00:00
linux.oracle.com
41

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

babel
[9.0.3-19]

  • Remove bundled windows executables
  • Resolves: rhbz#2006792
    python2
    [2.7.18-10.0.1]
  • Add Oracle Linux distribution in platform.py [Orabug: 20812544]
    [2.7.18-10]
  • Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs
    Resolves: rhbz#2047376
    [2.7.18-9]
  • Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response
    Resolves: rhbz#2036020
    [2.7.18-8]
  • Security fixes for CVE-2021-3737 and CVE-2021-3733
    Resolves: rhbz#1995162 and rhbz#1995234
    python2-setuptools
    [39.0.1-13]
  • When building for Flatpak inclusion, build in bootstrap mode
    Resolves: rhbz#1907597
    python2-six
    [1.11.0-6]
  • Rename component name to python2-six, clean specfile and remove bconds
  • Resolves: rhbz#1908300
    [1.11.0-5]
  • Bumping due to problems with modular RPM upgrade path
  • Resolves: rhbz#1695587
    [1.11.0-4]
  • Run tests only of the Python versions that are actually built
    [1.11.0-3]
  • Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
    [1.11.0-2]
  • Removed and obsoleted the platform-python subpackage
    [1.11.0-1]
  • Update to 1.11.0
    python-backports
    [1.0-16]
  • Update python macros to python2 versioned macros
  • Issue found when rebuilding the python27 module to include CVE fixes
  • Related: rhbz#1883890 rhbz#1883258
    python-backports-ssl_match_hostname
    [3.5.0.1-12]
  • Remove unversioned Provides
  • Resolves: rhbz#1908300
    python-chardet
    [3.0.4-10]
  • Bumping due to problems with modular RPM upgrade path
  • Resolves: rhbz#1695587
    [3.0.4-9]
  • Remove unversioned binaries from python2 subpackage
  • Resolves: rhbz#1613343
    [3.0.4-8]
  • Switch python3 conditions to bcond
    [3.0.4-7]
  • First version for python27 module
    python-idna
    [2.5-7]
  • Bumping due to problems with modular RPM upgrade path
  • Resolves: rhbz#1695587

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

Related for ELSA-2022-1821