Red Hat Security Advisory 2021-4162-05

Red Hat Security Advisory 2021-4162-05: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4162-05 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, double free, information leakage, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, python; systems | linux, redhat; advisories | CVE-2019-18874, CVE-2020-28493, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572, CVE-2021-42771; SHA-256 | e213dc130fe6c0f9ceeb6dbc6201ba34dd61a302b188cea3f4e8ad9fc8057754; Download | Favorite | View
Red Hat Security Advisory 2021-4162-05

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: python38:3.8 and python38-devel:3.8 security update
Advisory ID:       RHSA-2021:4162-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:4162
Issue date:        2021-11-09
CVE Names:         CVE-2019-18874 CVE-2020-28493 CVE-2021-3426
                   CVE-2021-3572 CVE-2021-20095 CVE-2021-23336
                   CVE-2021-28957 CVE-2021-29921 CVE-2021-33503
                   CVE-2021-42771
====================================================================
1. Summary:

An update for the python38:3.8 and python38-devel:3.8 modules is now
available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux CRB (v. 8) - noarch

3. Description:

Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to many
system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* python-psutil: Double free because of refcount mishandling
(CVE-2019-18874)

* python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)

* python: Information disclosure via pydoc (CVE-2021-3426)

* python-babel: Relative path traversal allows attacker to load arbitrary
locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)

* python: Web cache poisoning via urllib.parse.parse_qsl and
urllib.parse.parse_qs by using a semicolon in query parameters
(CVE-2021-23336)

* python-lxml: Missing input sanitization for formaction HTML5 attributes
may lead to XSS (CVE-2021-28957)

* python-ipaddress: Improper input validation of octal strings
(CVE-2021-29921)

* python-urllib3: ReDoS in the parsing of authority part of URL
(CVE-2021-33503)

* python-pip: Incorrect handling of unicode separators in git references
(CVE-2021-3572)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1772014 - CVE-2019-18874 python-psutil: Double free because of refcount mishandling
1928707 - CVE-2020-28493 python-jinja2: ReDoS vulnerability in the urlize filter
1928904 - CVE-2021-23336 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
1935913 - CVE-2021-3426 python: Information disclosure via pydoc
1941534 - CVE-2021-28957 python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
1955615 - CVE-2021-20095 CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code
1957458 - CVE-2021-29921 python-ipaddress: Improper input validation of octal strings
1962856 - CVE-2021-3572 python-pip: Incorrect handling of unicode separators in git references
1968074 - CVE-2021-33503 python-urllib3: ReDoS in the parsing of authority part of URL

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79.src.rpm
PyYAML-5.4.1-1.module+el8.5.0+10721+14d8e0d5.src.rpm
babel-2.7.0-11.module+el8.5.0+11015+9c1c7c42.src.rpm
mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79.src.rpm
numpy-1.17.3-6.module+el8.5.0+12205+a865257a.src.rpm
python-PyMySQL-0.10.1-1.module+el8.4.0+9692+8e86ab84.src.rpm
python-asn1crypto-1.2.0-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-chardet-3.0.4-19.module+el8.4.0+8888+89bc7e79.src.rpm
python-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-idna-2.8-6.module+el8.4.0+8888+89bc7e79.src.rpm
python-jinja2-2.10.3-5.module+el8.5.0+10542+ba057329.src.rpm
python-lxml-4.4.1-6.module+el8.5.0+10542+ba057329.src.rpm
python-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79.src.rpm
python-ply-3.11-10.module+el8.4.0+9579+e9717e18.src.rpm
python-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870.src.rpm
python-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79.src.rpm
python-pycparser-2.19-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-pysocks-1.7.1-4.module+el8.4.0+8888+89bc7e79.src.rpm
python-requests-2.22.0-9.module+el8.4.0+8888+89bc7e79.src.rpm
python-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d.src.rpm
python-wheel-0.33.6-6.module+el8.5.0+12205+a865257a.src.rpm
python38-3.8.8-4.module+el8.5.0+12205+a865257a.src.rpm
python3x-pip-19.3.1-4.module+el8.5.0+12205+a865257a.src.rpm
python3x-setuptools-41.6.0-5.module+el8.5.0+12205+a865257a.src.rpm
python3x-six-1.12.0-10.module+el8.4.0+8888+89bc7e79.src.rpm
pytz-2019.3-3.module+el8.4.0+8888+89bc7e79.src.rpm
scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79.src.rpm

aarch64:
Cython-debugsource-0.29.14-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10721+14d8e0d5.aarch64.rpm
numpy-debugsource-1.17.3-6.module+el8.5.0+12205+a865257a.aarch64.rpm
python-cffi-debugsource-1.13.2-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python-cryptography-debugsource-2.8-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python-lxml-debugsource-4.4.1-6.module+el8.5.0+10542+ba057329.aarch64.rpm
python-markupsafe-debugsource-1.1.1-6.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python-psutil-debugsource-5.6.4-4.module+el8.5.0+12031+10ce4870.aarch64.rpm
python-psycopg2-debugsource-2.8.4-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-Cython-debuginfo-0.29.14-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-cffi-debuginfo-1.13.2-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-cryptography-debuginfo-2.8-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-debuginfo-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-debugsource-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329.aarch64.rpm
python38-lxml-debuginfo-4.4.1-6.module+el8.5.0+10542+ba057329.aarch64.rpm
python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-markupsafe-debuginfo-1.1.1-6.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-numpy-debuginfo-1.17.3-6.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870.aarch64.rpm
python38-psutil-debuginfo-5.6.4-4.module+el8.5.0+12031+10ce4870.aarch64.rpm
python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-psycopg2-debuginfo-2.8.4-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5.aarch64.rpm
python38-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10721+14d8e0d5.aarch64.rpm
python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-scipy-debuginfo-1.3.1-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm
python38-test-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a.aarch64.rpm
scipy-debugsource-1.3.1-4.module+el8.4.0+8888+89bc7e79.aarch64.rpm

noarch:
python38-PyMySQL-0.10.1-1.module+el8.4.0+9692+8e86ab84.noarch.rpm
python38-asn1crypto-1.2.0-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-babel-2.7.0-11.module+el8.5.0+11015+9c1c7c42.noarch.rpm
python38-chardet-3.0.4-19.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-idna-2.8-6.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-jinja2-2.10.3-5.module+el8.5.0+10542+ba057329.noarch.rpm
python38-numpy-doc-1.17.3-6.module+el8.5.0+12205+a865257a.noarch.rpm
python38-pip-19.3.1-4.module+el8.5.0+12205+a865257a.noarch.rpm
python38-pip-wheel-19.3.1-4.module+el8.5.0+12205+a865257a.noarch.rpm
python38-ply-3.11-10.module+el8.4.0+9579+e9717e18.noarch.rpm
python38-pycparser-2.19-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-pysocks-1.7.1-4.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-pytz-2019.3-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-requests-2.22.0-9.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-rpm-macros-3.8.8-4.module+el8.5.0+12205+a865257a.noarch.rpm
python38-setuptools-41.6.0-5.module+el8.5.0+12205+a865257a.noarch.rpm
python38-setuptools-wheel-41.6.0-5.module+el8.5.0+12205+a865257a.noarch.rpm
python38-six-1.12.0-10.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-urllib3-1.25.7-5.module+el8.5.0+11639+ea5b349d.noarch.rpm
python38-wheel-0.33.6-6.module+el8.5.0+12205+a865257a.noarch.rpm
python38-wheel-wheel-0.33.6-6.module+el8.5.0+12205+a865257a.noarch.rpm

ppc64le:
Cython-debugsource-0.29.14-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10721+14d8e0d5.ppc64le.rpm
numpy-debugsource-1.17.3-6.module+el8.5.0+12205+a865257a.ppc64le.rpm
python-cffi-debugsource-1.13.2-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python-cryptography-debugsource-2.8-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python-lxml-debugsource-4.4.1-6.module+el8.5.0+10542+ba057329.ppc64le.rpm
python-markupsafe-debugsource-1.1.1-6.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python-psutil-debugsource-5.6.4-4.module+el8.5.0+12031+10ce4870.ppc64le.rpm
python-psycopg2-debugsource-2.8.4-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-Cython-debuginfo-0.29.14-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-cffi-debuginfo-1.13.2-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-cryptography-debuginfo-2.8-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-debuginfo-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-debugsource-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329.ppc64le.rpm
python38-lxml-debuginfo-4.4.1-6.module+el8.5.0+10542+ba057329.ppc64le.rpm
python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-markupsafe-debuginfo-1.1.1-6.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-numpy-debuginfo-1.17.3-6.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870.ppc64le.rpm
python38-psutil-debuginfo-5.6.4-4.module+el8.5.0+12031+10ce4870.ppc64le.rpm
python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-psycopg2-debuginfo-2.8.4-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5.ppc64le.rpm
python38-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10721+14d8e0d5.ppc64le.rpm
python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-scipy-debuginfo-1.3.1-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm
python38-test-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a.ppc64le.rpm
scipy-debugsource-1.3.1-4.module+el8.4.0+8888+89bc7e79.ppc64le.rpm

s390x:
Cython-debugsource-0.29.14-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10721+14d8e0d5.s390x.rpm
numpy-debugsource-1.17.3-6.module+el8.5.0+12205+a865257a.s390x.rpm
python-cffi-debugsource-1.13.2-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python-cryptography-debugsource-2.8-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python-lxml-debugsource-4.4.1-6.module+el8.5.0+10542+ba057329.s390x.rpm
python-markupsafe-debugsource-1.1.1-6.module+el8.4.0+8888+89bc7e79.s390x.rpm
python-psutil-debugsource-5.6.4-4.module+el8.5.0+12031+10ce4870.s390x.rpm
python-psycopg2-debugsource-2.8.4-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-Cython-debuginfo-0.29.14-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-cffi-debuginfo-1.13.2-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-cryptography-debuginfo-2.8-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-debuginfo-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-debugsource-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329.s390x.rpm
python38-lxml-debuginfo-4.4.1-6.module+el8.5.0+10542+ba057329.s390x.rpm
python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-markupsafe-debuginfo-1.1.1-6.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a.s390x.rpm
python38-numpy-debuginfo-1.17.3-6.module+el8.5.0+12205+a865257a.s390x.rpm
python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a.s390x.rpm
python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870.s390x.rpm
python38-psutil-debuginfo-5.6.4-4.module+el8.5.0+12031+10ce4870.s390x.rpm
python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-psycopg2-debuginfo-2.8.4-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5.s390x.rpm
python38-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10721+14d8e0d5.s390x.rpm
python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-scipy-debuginfo-1.3.1-4.module+el8.4.0+8888+89bc7e79.s390x.rpm
python38-test-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a.s390x.rpm
scipy-debugsource-1.3.1-4.module+el8.4.0+8888+89bc7e79.s390x.rpm

x86_64:
Cython-debugsource-0.29.14-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
PyYAML-debugsource-5.4.1-1.module+el8.5.0+10721+14d8e0d5.x86_64.rpm
numpy-debugsource-1.17.3-6.module+el8.5.0+12205+a865257a.x86_64.rpm
python-cffi-debugsource-1.13.2-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python-cryptography-debugsource-2.8-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python-lxml-debugsource-4.4.1-6.module+el8.5.0+10542+ba057329.x86_64.rpm
python-markupsafe-debugsource-1.1.1-6.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python-psutil-debugsource-5.6.4-4.module+el8.5.0+12031+10ce4870.x86_64.rpm
python-psycopg2-debugsource-2.8.4-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-Cython-0.29.14-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-Cython-debuginfo-0.29.14-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-cffi-1.13.2-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-cffi-debuginfo-1.13.2-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-cryptography-2.8-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-cryptography-debuginfo-2.8-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-debug-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-debuginfo-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-debugsource-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-devel-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-idle-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-libs-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-lxml-4.4.1-6.module+el8.5.0+10542+ba057329.x86_64.rpm
python38-lxml-debuginfo-4.4.1-6.module+el8.5.0+10542+ba057329.x86_64.rpm
python38-markupsafe-1.1.1-6.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-markupsafe-debuginfo-1.1.1-6.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-mod_wsgi-4.6.8-3.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-numpy-1.17.3-6.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-numpy-debuginfo-1.17.3-6.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-numpy-f2py-1.17.3-6.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-psutil-5.6.4-4.module+el8.5.0+12031+10ce4870.x86_64.rpm
python38-psutil-debuginfo-5.6.4-4.module+el8.5.0+12031+10ce4870.x86_64.rpm
python38-psycopg2-2.8.4-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-psycopg2-debuginfo-2.8.4-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-psycopg2-doc-2.8.4-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-psycopg2-tests-2.8.4-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-pyyaml-5.4.1-1.module+el8.5.0+10721+14d8e0d5.x86_64.rpm
python38-pyyaml-debuginfo-5.4.1-1.module+el8.5.0+10721+14d8e0d5.x86_64.rpm
python38-scipy-1.3.1-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-scipy-debuginfo-1.3.1-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm
python38-test-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
python38-tkinter-3.8.8-4.module+el8.5.0+12205+a865257a.x86_64.rpm
scipy-debugsource-1.3.1-4.module+el8.4.0+8888+89bc7e79.x86_64.rpm

Red Hat Enterprise Linux CRB (v. 8):

Source:
pytest-4.6.6-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-atomicwrites-1.3.0-8.module+el8.4.0+8888+89bc7e79.src.rpm
python-attrs-19.3.0-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-more-itertools-7.2.0-5.module+el8.4.0+8888+89bc7e79.src.rpm
python-packaging-19.2-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-pluggy-0.13.0-3.module+el8.4.0+8888+89bc7e79.src.rpm
python-py-1.8.0-8.module+el8.4.0+8888+89bc7e79.src.rpm
python-wcwidth-0.1.7-16.module+el8.4.0+8888+89bc7e79.src.rpm
python3x-pyparsing-2.4.5-3.module+el8.4.0+8888+89bc7e79.src.rpm

noarch:
python38-atomicwrites-1.3.0-8.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-attrs-19.3.0-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-more-itertools-7.2.0-5.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-packaging-19.2-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-pluggy-0.13.0-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-py-1.8.0-8.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-pyparsing-2.4.5-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-pytest-4.6.6-3.module+el8.4.0+8888+89bc7e79.noarch.rpm
python38-wcwidth-0.1.7-16.module+el8.4.0+8888+89bc7e79.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-18874
https://access.redhat.com/security/cve/CVE-2020-28493
https://access.redhat.com/security/cve/CVE-2021-3426
https://access.redhat.com/security/cve/CVE-2021-3572
https://access.redhat.com/security/cve/CVE-2021-20095
https://access.redhat.com/security/cve/CVE-2021-23336
https://access.redhat.com/security/cve/CVE-2021-28957
https://access.redhat.com/security/cve/CVE-2021-29921
https://access.redhat.com/security/cve/CVE-2021-33503
https://access.redhat.com/security/cve/CVE-2021-42771
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYYrccNzjgjWX9erEAQgcow/+J1I9zXK31HuQLiWziBHMJnIOYz8EbPgC
hLVd/V5gbg593I2Z9cnJUQg0gepzELPJo4XWJryolEbjyrgOCjXIBysKOUvIYlDw
TQMcYWzOLxgHnds6/OWE3XLTvMwHim6UqoWyqol92At5DGE8AT9dlJO0pO9PQ3a+
OlOe5y2XLtqUdweTypPVs+SrIaYUyuIUDW23YCzDvLGtN/mZcZ8REDHwGsBRoKXn
H7dPOVQvlNCrXk8fj+5plBfsPxZJ1ALHjTrNIOfUZCQEPc6jMNqZUxT9SmdsLxPu
fEu+aXV3J9Jz66xD/NZoRAzXuXeEsj4cpSqGQepY3nXe9CuYNhOQMUQggC/EFrxu
0UDOgeTHmgwTkSTnWqylmoOOLoOMHyw8McLNQnfzkWTwIQCzxwK9LuZLSMMD/48v
Fy4tPOfI38wq79R3QF96eCpLZ1crPhOMEzDzRm9/QF9CozBsXSDvWh3PEhbPDSdZ
sRPsv9c0VISzcZv0A1ZRwpFwfItqBZrQOAfELk3ndvWyC0MhCazwQ20dB8HGHQup
De7adLZHrUlNvuM8bIIEZUunxB3uVANz8nOzxz9y7rccV+kMlTEdGGKKgQcAp7jQ
qCu6C4EqvDKKGonrkkh4QXsMFQxSCIsi33m4xuVgKh3lWs4SKnhUTWNDbeuwsp8R
iO8H05zpsrI=3U2h
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files
File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other
Red Hat Security Advisory 2021-4162-05

Red Hat Security Advisory 2021-4162-05

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2021-4162-05

Share This

Red Hat Security Advisory 2021-4162-05

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems
